用户接口
防火墙访问模式
思科防火墙有4个安全管理访问模式:
AccessPrivilege Mode
访问配置模式:configure terminal 命令
help 命令
文件管理
查看和保存你的配置
ClearingRunning Configuration
ClearingStartup Configuration
Reloadthe Configuration: reload Command
FileSystem
DisplayingStored Files: System and Configuration
SelectingBoot System File
Verifyingthe Startup System Image
Security Appliance Security Levels
Functionsof the Security Appliance: Security Algorithm
SecurityLevel Example
Basic Security ApplianceConfiguration
AssigningHostname to Security Appliance: Changing the CLI Prompt
BasicCLI Commands for Security Appliances
interface Command and Subcommands
Assignan Interface Name:nameifSubcommand
AssignInterface IP Address: ipaddress Subcommand
DHCP-AssignedAddress
Assigna Security Level: security-level SubCommands
Assignan Interface Speed and Duplex: speed and duplex SubCommands
ASAManagement Interface
NetworkAddress Translation
EnableNAT Control
nat Command
nat 0
nat 0 命令:
防火墙不对通过它的数据包进行地址转换。
pixfirewall(conifg)#nat(inside) 1 10.0.0.0 255.0.0.0
pixfirewall(conifg)#nat (inside) 0 192.168.0.0 255.255.255.0
Configurea Static Route: route Command
HostName-to-IP-AddressMapping: name Command
ConfigurationExample
ConfigurationExample (Cont.)
ConfigurationExample (Cont.)
ExaminingSecurity Appliance Status
show Commandsshow memory Command
show cpu usage Command
show version Command
show ip address Command
show interface Command
show nameifCommand
show run natCommand
show run global Command
show xlateCommand
ping Command
show route Command
Setting Time and Using NTP Support
clock Command
SettingDaylight Saving Time and Time Zones
ntp Command
Summary
Summary(Cont.)
LabVisual Objective
参考:CISCO