BGP MD5
认证穿越
ASA
建立
bgp
邻居关系
<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
R1配置;
no synchronization
bgp log-neighbor-changes
network <?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" />0.0.0.0
neighbor 1.1.2.2 remote-as 100
neighbor 1.1.2.2 password cisco
no auto-summary
!
ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 1.1.1.1
!
R6配置:
router bgp 100
no synchronization
bgp log-neighbor-changes
network 0.0.0.0
neighbor 1.1.1.2 remote-as 100
neighbor 1.1.1.2 password cisco
no auto-summary
!
ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 1.1.2.1
!
ASA初始配置:
interface Ethernet0/0
nameif inside
security-level 100
ip address 1.1.1.1 255.255.255.0
!
interface Ethernet0/1
nameif outside
security-level 0
ip address 1.1.2.1 255.255.255.0
!
access-list 1 extended permit ip any any
pager lines 24
mtu inside 1500
mtu outside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
access-group 1 in interface outside
不能使用默认路由指向ASA的内接口和外接口,下面是出现的错误:
由于不能上传过多图片,我把实验放在附件里面了!
转载于:https://blog.51cto.com/995709042/719389