二:实验要求:
1:PC1属于上海分公司内网主机,PC2属于总公司主机.要求上海分公司的用户直接可以和总公司的PC2通信.(Site-to-Site IPSEC ×××实现)
2:公网上用户可以访问总公司的OA服务器PC2.(SSL ×××实现)
三:配置过程:
1:基本配置:
ASA1(config)# int e0/1
ASA1(config-if)# nameif inside
INFO: Security level for "inside" set to 100 by default.
ASA1(config-if)# ip add 172.16.1.254 255.255.255.0
ASA1(config-if)# no sh
ASA1(config-if)# int e0/0
ASA1(config-if)# nameif outside
INFO: Security level for "outside" set to 0 by default.
ASA1(config-if)# ip add 12.0.0.1 255.255.255.0
ASA1(config-if)# no sh
ASA1(config-if)#
ASA1# ping 172.16.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 10/344