Configure the ASA Security Configuration & amp; Environment setup

Topology Analysis

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image002 "border =" 0 "alt =" clip_image002 "src =" http://www.bkjia.com/uploads/allimg/131227/091AI513-0.png "" 553 "height =" 187 "/>

1. We can see that we need to add four virtual network cards to bridge between the real machine, VMware, ASA, and DynamipsGUI. Therefore, we need to first add four virtual network cards using virtual machines.

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image003 "border =" 0 "alt =" clip_image003 "src =" http://www.bkjia.com/uploads/allimg/131227/091AG922-1.png "" 418 "height =" 156 "/>

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image005 "border =" 0 "alt =" clip_image005 "src =" http://www.bkjia.com/uploads/allimg/131227/091AI2T-2.png "" 554 "height =" 462 "/>

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image007 "border =" 0 "alt =" clip_image007 "src =" http://www.bkjia.com/uploads/allimg/131227/091AI091-3.png "" 554 "height =" 178 "/>

2. In order not to affect the test results, we recommend that you remove the VmNet TCP/IP protocol and use it only for bridging !)

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image009 "border =" 0 "alt =" clip_image009 "src =" http://www.bkjia.com/uploads/allimg/131227/091AL0W-4.jpg "" 275 "height =" 294 "/> 650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image011 "border =" 0 "alt =" clip_image011 "src =" http://www.bkjia.com/uploads/allimg/131227/091AI405-5.jpg "" 274 "height =" 294 "/>

3. Configure the Ip addresses of PC1, Web, and Out respectively, and specify the Ip addresses to the corresponding routers and ASA.

. 650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image013 "border =" 0 "alt =" clip_image013 "src =" http://www.bkjia.com/uploads/allimg/131227/091AH428-6.png "" 553 "height =" 171 "/>

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image015 "border =" 0 "alt =" clip_image015 "src =" http://www.bkjia.com/uploads/allimg/131227/091AM221-7.png "" 553 "height =" 118 "/>

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image017 "border =" 0 "alt =" clip_image017 "src =" http://www.bkjia.com/uploads/allimg/131227/091AL928-8.png "" 553 "height =" 120 "/>

4. build a site on the Web host (www.benet.com); build a site on the Out host (www.out.com), and install the Dns server on the Out server, and resolve www.benet.com (the corresponding IP address is: 200.10.253/29) and www.out.com (corresponding IP Address: 200.20.20.1)

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image019 "border =" 0 "alt =" clip_image019 "src =" http://www.bkjia.com/uploads/allimg/131227/091AG129-9.png "" 553 "height =" 295 "/>

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image021 "border =" 0 "alt =" clip_image021 "src =" http://www.bkjia.com/uploads/allimg/131227/091AG042-10.png "" 554 "height =" 295 "/>

5. Create the benet.com and out.com regions on the Out host, and parse www.benet.com (corresponding IP Address: 200.10.253/29) and www.out.com (corresponding IP Address: 200.20.20.1)

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image023 "border =" 0 "alt =" clip_image023 "src =" http://www.bkjia.com/uploads/allimg/131227/091AL460-11.png "" 554 "height =" 332 "/>

6. Use DynamipsGUI and bridge to the corresponding VmNet virtual Nic. Note: Enable all NICs to be bridge !)

Route bridging:

Router1 F0/0 <----> XPC P0/0 Router1 F1/0 <----> XPC P0/1

Configure Route

R1 # en R1 # conf t Enter configuration commands, one per line. End with CNTL/Z. R1 (config) # hostname R1 R1 (config) # line 0 R1 (config-line) # logg s R1 (config-line) # exit R1 (config) # int f1/0 R1 (config-if) # ip add 200.1.1.1 255.255.255.252 R1 (config-if) # no shut R1 (config-if) # int f0/0 R1 (config-if) # ip add 200.00000000254 255.255.255.0 R1 (config-if) # no shut R1 (config-if) # do show ip int B Interface IP-Address OK? Method Status Protocol FastEthernet0/0 200.20.254 YES manual up FastEthernet1/0 200.1.1.1 YES manual up

7. Modify the asa_PCAP file of the ASA simulator and bridge it to Vm1/2/3.

@ Echo off Rem supports pacp NICs. Cls Title ASA Simulator Setlocal Set command_name = qemuPCAP-L.-hda FLASH-hdachs 980,16, 32-kernel vmlinuz-initrd asa802-k8.gz-m 256 -- no-kqemu Set parameter =-append "auto nousb ide1 = noprobe bigphysarea = 16384 console = ttyS0, 9600n8 hda = 980,16, 32" Set nic1 =-net nic, vlan = 0, model = i82557b, macaddr = 00: aa: 00: 00: 02: 01-net pcap, vlan = 0, ifname = \ Device \ NPF _ {993B816B-BCA0-477A-9CA7-245AA1A5D9DF} \ Vm1 Nic Set nic2 =-net nic, vlan = 1, model = i82557b, macaddr = 00: aa: 00: 00: 02: 02-net pcap, vlan = 1, ifname = \ Device \ NPF _ {B6179516-C4D7-4209-AC05-6E6725E60B35} \ Vm2 Nic Set nic3 =-net nic, vlan = 2, model = i82557b, macaddr = 00: aa: 00: 00: 02: 03-net pcap, vlan = 2, ifname = \ Device \ NPF _ {5426F6F3-69DD-4DF5-87F6-115E7ADF9646} \ Vm3 Nic Set nic4 =-net nic, vlan = 3, model = i82557b, macaddr = 00: aa: 00: 00: 02: 04-net pcap, vlan = 3, ifname = 1 Set nic5 =-net nic, vlan = 4, model = i82557b, macaddr = 00: aa: 00: 00: 02: 05-net pcap, vlan = 4, ifname = 2 Set options =-serial telnet: 4000, server, nowait % Command_name % parameter % nic1 % nic2 % nic3 % nic4 % nic5 % options % Rem i82551 i82557b i82559er ne2k_pci pcnet rtl8139

Then enable our ASA Simulator

8. Now you can configure ASA!

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" clip_image024 "border =" 0 "alt =" clip_image024 "src =" http://www.bkjia.com/uploads/allimg/131227/091AMY9-12.png "" 579 "height =" 223 "/>

 

Now, the environment has been set up!

Welcome to my blog: http://jiayf.blog.51cto.com/