当前位置: 首页 > >

51CTO下载-ASA拨号配置

发布时间:

请各位高手帮我看看,我用ASDM配置的,在192.168.0.254这台电脑上配置的,可以拨号上网了,但是PING不通外网,外网可以访问,其他IP,地址都不能上网,只有192.168.0.254可以,不知道是怎么回事?我的配置是
ciscoasa# sh run
: Saved
:
ASA Version 8.0(2)
!
hostname ciscoasa
enable password W6NR.LpFuUE03KOl encrypted
names
!
interface Vlan2
nameif outside
security-level 0
pppoe client vpdn group adsl
ip address pppoe setroute
!
interface Vlan3
nameif inside
security-level 100
ip address 192.168.0.1 255.255.224.0
!
interface Vlan5
nameif dmz
security-level 50
ip address 10.10.10.1 255.0.0.0
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
switchport access vlan 3
!
interface Ethernet0/2
switchport access vlan 3
!
interface Ethernet0/3
switchport access vlan 5
!
interface Ethernet0/4
shutdown
!
interface Ethernet0/5
shutdown
!
interface Ethernet0/6
shutdown
!
interface Ethernet0/7
switchport access vlan 5
!
passwd 2KFQnbNIdI.2KYOU encrypted
boot system disk0:/asa802-k8.bin
ftp mode passive
object-group service DM_INLINE_SERVICE_1
service-object ip
service-object icmp
service-object udp
service-object tcp
service-object tcp-udp eq www
access-list any standard permit any
access-list inside_access_in extended permit object-group DM_INLINE_SERV
y any
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu dmz 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-621.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 192.168.0.0 255.255.224.0
access-group inside_access_in in interface inside
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:0
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 0.0.0.0 0.0.0.0 inside
http 192.168.0.0 255.255.224.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
no crypto isakmp nat-traversal
telnet timeout 5
ssh timeout 5
console timeout 0
vpdn group adsl request dialout pppoe
vpdn group adsl localname dgDSL01737767@16900.gd
vpdn group adsl ppp authentication pap
vpdn username dgDSL01737767@16900.gd password *********
dhcpd auto_config outside
!

threat-detection basic-threat
threat-detection statistics access-list
!
!
username admin password eY/fQXw7Ure8Qrz7 encrypted
username cisco password GRRNOsbbn6NjqioT encrypted
prompt hostname context
Cryptochecksum:a4e38fdf728084d92ac85767c91a90df
: end
ciscoasa#



ciscoasa# sh int vlan 2
Interface Vlan2 "outside", is up, line protocol is up
Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec
MAC address 68ef.bd1f.1fcb, MTU 1492
IP address 27.37.21.52, subnet mask 255.255.255.255
Traffic Statistics for "outside":
315509 packets input, 317525461 bytes
122807 packets output, 15594953 bytes
1354 packets dropped
1 minute input rate 117 pkts/sec, 121032 bytes/sec
1 minute output rate 41 pkts/sec, 4307 bytes/sec
1 minute drop rate, 0 pkts/sec
5 minute input rate 103 pkts/sec, 105256 bytes/sec
5 minute output rate 34 pkts/sec, 3301 bytes/sec
5 minute drop rate, 0 pkts/sec
ciscoasa#


ciscoasa# sh int vlan 3
Interface Vlan3 "inside", is up, line protocol is up
Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec
MAC address 68ef.bd1f.1fcb, MTU 1500
IP address 192.168.0.1, subnet mask 255.255.224.0
Traffic Statistics for "inside":
301771 packets input, 28525935 bytes
225070 packets output, 183344117 bytes
118188 packets dropped
1 minute input rate 39 pkts/sec, 4068 bytes/sec
1 minute output rate 40 pkts/sec, 42170 bytes/sec
1 minute drop rate, 6 pkts/sec
5 minute input rate 47 pkts/sec, 3891 bytes/sec
5 minute output rate 58 pkts/sec, 54599 bytes/sec
5 minute drop rate, 7 pkts/sec
ciscoasa#
补充: 配置PPPOE拨号后,200台主机 只有几台电脑可以上网,其它都不行,而且过不了多久能上网的也不能上了,网络也会中断,*粝路阑鹎焦换嵊挚梢陨匣,有没有知道什么原因的, 只用防火墙不连交换机又可以正常使用,不过防火墙就那几个口不够用的呀!



友情链接: