防火墙练习实验

一.实验图纸

二. 实验命令

ciscoasa> en

Password:  

ciscoasa# conf t

ciscoasa(config)# hostname asa

asa(config)# enable password 123

asa(config)# int e0/0

asa(config-if)# nameif outside

asa(config-if)# ip add 202.106.0.1 255.255.255.0

asa(config-if)# no sh

asa(config-if)# exit

asa(config)# int e0/1

asa(config-if)# nameif inside

asa(config-if)# ip add 192.168.1.254 255.255.255.0

asa(config-if)# no sh

允许入站

asa(config)# access-list abc permit ip host 202.106.0.2 host 192.168.1.1

asa(config)# access-group abc in int outside

控制出站

asa(config)# access-list  bbs deny ip  host 192.168.1.1  host 202.106.0.2

asa(config)# access-list bbs  permit ip  any any

asa(config)# access-group bbs in int inside