PIX virtual firewall configuration example

Posted 2006-02-19 22:57
PIXFW(config)# sh run

: Saved

:

PIX Version 7.0(2) <system>

!

interface Ethernet0

speed 1920

duplex full

!

interface Ethernet0.1

vlan 5

!

interface Ethernet0.2

vlan 6

!

interface Ethernet1

!

interface Ethernet2

!

interface Ethernet3

shutdown

!

interface Ethernet4

shutdown

!

interface Ethernet5

shutdown

!

enable password 8Ry2YjIyt7RRXU24 encrypted

hostname PIXFW

ftp mode passive

pager lines 24

no failover

no asdm history enable

arp timeout 14400

console timeout 0


admin-context OA

context OA

  allocate-interface Ethernet0.1

  allocate-interface Ethernet1

  config-url flash:/OA.cfg

!


context FMIS

  allocate-interface Ethernet0.2

  allocate-interface Ethernet2

  config-url flash:/FMIS.cfg

!

Cryptochecksum:53517dcd4fe74fdcb51a1d24e90b1469

: end


PIXFW(config)# sh interface

Interface Ethernet0 "", is up, line protocol is up

  Hardware is i82559, BW 1920 Mbps

        Full-Duplex(Full-duplex), 1920 Mbps(1920 Mbps)

        Available for allocation to a context

        MAC address 0015.f9a9.02ea, MTU not set

        IP address unassigned

        525 packets input, 83359 bytes, 0 no buffer

        Received 83 broadcasts, 0 runts, 0 giants

        0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

        1935 packets output, 150750 bytes, 0 underruns

        0 output errors, 0 collisions, 0 interface resets

        0 babbles, 0 late collisions, 0 deferred

        0 lost carrier, 0 no carrier

        input queue (curr/max blocks): hardware (128/12 software (0/1)

        output queue (curr/max blocks): hardware (0/1) software (0/1)

Interface Ethernet0.1 "", is up, line protocol is up

        VLAN identifier 5

        Available for allocation to a context

Interface Ethernet0.2 "", is up, line protocol is up

        VLAN identifier 6

        Available for allocation to a context

Interface Ethernet1 "", is up, line protocol is up

  Hardware is i82559, BW 1920 Mbps

        Auto-Duplex(Full-duplex), Auto-Speed(1920 Mbps)

        Available for allocation to a context

        MAC address 0015.f9a9.02eb, MTU not set

        IP address unassigned

        2757 packets input, 225620 bytes, 0 no buffer

        Received 1869 broadcasts, 0 runts, 0 giants

        0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

        159 packets output, 12400 bytes, 0 underruns

        0 output errors, 0 collisions, 0 interface resets

        0 babbles, 0 late collisions, 0 deferred

        0 lost carrier, 0 no carrier

        input queue (curr/max blocks): hardware (128/12 software (0/1)

        output queue (curr/max blocks): hardware (0/1) software (0/1)

Interface Ethernet2 "", is up, line protocol is up

  Hardware is i82559, BW 1920 Mbps

        Auto-Duplex(Full-duplex), Auto-Speed(1920 Mbps)

        Available for allocation to a context

        MAC address 0005.5d18.3021, MTU not set

        IP address unassigned

        1672 packets input, 127807 bytes, 0 no buffer

        Received 798 broadcasts, 0 runts, 0 giants

        0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

        117 packets output, 9158 bytes, 0 underruns

        0 output errors, 0 collisions, 0 interface resets

        0 babbles, 0 late collisions, 0 deferred

        0 lost carrier, 0 no carrier

        input queue (curr/max blocks): hardware (128/12 software (0/2)

        output queue (curr/max blocks): hardware (0/1) software (0/1)

Interface Ethernet3 "", is administratively down, line protocol is down

  Hardware is i82559, BW 1920 Mbps

        Auto-Duplex, Auto-Speed

        Available for allocation to a context

        MAC address 0005.5d18.3023, MTU not set

        IP address unassigned

        1192 packets input, 14154 bytes, 0 no buffer

        Received 1926 broadcasts, 0 runts, 0 giants

        0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

        129 packets output, 8296 bytes, 0 underruns

        0 output errors, 0 collisions, 0 interface resets

        0 babbles, 0 late collisions, 0 deferred

        0 lost carrier, 0 no carrier

        input queue (curr/max blocks): hardware (128/12 software (0/1)

        output queue (curr/max blocks): hardware (0/1) software (0/1)

Interface Ethernet4 "", is administratively down, line protocol is down

  Hardware is i82559, BW 1920 Mbps

        Auto-Duplex, Auto-Speed

        Available for allocation to a context

        MAC address 0005.5d18.3020, MTU not set

        IP address unassigned

        0 packets input, 0 bytes, 0 no buffer

        Received 0 broadcasts, 0 runts, 0 giants

        0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

        0 packets output, 0 bytes, 0 underruns

        0 output errors, 0 collisions, 0 interface resets

        0 babbles, 0 late collisions, 0 deferred

        0 lost carrier, 0 no carrier

        input queue (curr/max blocks): hardware (128/12 software (0/0)

        output queue (curr/max blocks): hardware (0/0) software (0/0)

Interface Ethernet5 "", is administratively down, line protocol is down

  Hardware is i82559, BW 1920 Mbps

        Auto-Duplex, Auto-Speed

        Available for allocation to a context

        MAC address 0005.5d18.3022, MTU not set

        IP address unassigned

        0 packets input, 0 bytes, 0 no buffer

        Received 0 broadcasts, 0 runts, 0 giants

        0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

        0 packets output, 0 bytes, 0 underruns

        0 output errors, 0 collisions, 0 interface resets

        0 babbles, 0 late collisions, 0 deferred

        0 lost carrier, 0 no carrier

        input queue (curr/max blocks): hardware (128/12 software (0/0)

        output queue (curr/max blocks): hardware (0/0) software (0/0)


PIXFW(config)# chang context OA


PIXFW/OA(config)# sh run

: Saved

:

PIX Version 7.0(2) <context>

names

!

interface Ethernet0.1

nameif outside

security-level 0

ip address 192.130.6.49 255.255.255.252

!

interface Ethernet1

nameif inside

security-level 1920

ip address 192.193.166.238 255.255.255.0

!

enable password 8Ry2YjIyt7RRXU24 encrypted

passwd 2KFQnbNIdI.2KYOU encrypted

hostname OA

access-list PING extended permit icmp any any

pager lines 24

mtu outside 1500

mtu inside 1500

monitor-interface inside

no asdm history enable

arp timeout 14400

nat (inside) 0 192.193.166.0 255.255.255.0

access-group PING in interface outside

route outside 0.0.0.0 0.0.0.0 192.130.6.50 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:192:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:192:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00

timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp

telnet timeout 5

ssh timeout 5

!

class-map inspection_default

match default-inspection-traffic

!

!

policy-map global_policy

class inspection_default

  inspect dns maximum-length 512

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect netbios

  inspect rsh

  inspect rtsp

  inspect skinny

  inspect esmtp

  inspect sqlnet

  inspect sunrpc

  inspect tftp

  inspect sip

  inspect xdmcp

!

service-policy global_policy global

Cryptochecksum:46ffeba4d29c11a248523371c9666379

: end


PIXFW/OA(config)#



PIXFW/OA(config)# chang context FMIS


PIXFW/FMIS(config)# sh run

: Saved

:

PIX Version 7.0(2) <context>

names

!

interface Ethernet0.2

nameif outside

security-level 0

ip address 192.135.178.65 255.255.255.252

!

interface Ethernet2

nameif inside

security-level 1920

ip address 192.135.181.126 255.255.255.128

!

enable password 8Ry2YjIyt7RRXU24 encrypted

passwd 2KFQnbNIdI.2KYOU encrypted

hostname FMIS

access-list 1921 extended permit icmp any any

pager lines 24

mtu outside 1500

mtu inside 1500

monitor-interface inside

no asdm history enable

arp timeout 14400

nat (inside) 0 192.135.181.0 255.255.255.128

access-group 1921 in interface outside

route outside 0.0.0.0 0.0.0.0 192.135.178.66 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:192:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:192:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00

timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp

telnet timeout 5

ssh timeout 5

!

class-map inspection_default

match default-inspection-traffic

!

!

policy-map global_policy

class inspection_default

  inspect dns maximum-length 512

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect netbios

  inspect rsh

  inspect rtsp

  inspect skinny

  inspect esmtp

  inspect sqlnet

  inspect sunrpc

  inspect tftp

  inspect sip

  inspect xdmcp

!

service-policy global_policy global

Cryptochecksum:5854ffa0a5401e033e1ce88731ebf452

: end

PIXFW/FMIS# chang context sys


PIXFW#
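
A review check for the context section of the system configuration shown above, as an added example that is not part of the original post: it parses the `context` blocks and reports any interface allocated to more than one context (the contexts are then no longer separated by interface or VLAN alone), any context without a `config-url`, and an `admin-context` that names no defined context. The function names and the finding texts are assumptions made for this example.

```python
import re
from collections import defaultdict

# Context section of the post's system-context "sh run" (blank lines dropped).
SYSTEM_CFG = """\
admin-context OA
context OA
  allocate-interface Ethernet0.1
  allocate-interface Ethernet1
  config-url flash:/OA.cfg
!
context FMIS
  allocate-interface Ethernet0.2
  allocate-interface Ethernet2
  config-url flash:/FMIS.cfg
!
"""

def parse_contexts(cfg):
    """Return {context: {"interfaces": [...], "config_url": str or None}}."""
    contexts, current = {}, None
    for raw in cfg.splitlines():
        line = raw.strip()
        if not line:
            continue  # tolerate the double-spaced forum copy
        if m := re.fullmatch(r"context (\S+)", line):
            current = contexts.setdefault(m.group(1), {"interfaces": [], "config_url": None})
        elif not raw.startswith(" "):
            current = None  # "!" or any other top-level command ends the block
        elif current is not None and (m := re.fullmatch(r"allocate-interface (\S+).*", line)):
            current["interfaces"].append(m.group(1))
        elif current is not None and (m := re.fullmatch(r"config-url (\S+)", line)):
            current["config_url"] = m.group(1)
    return contexts

def audit(cfg):
    """Return sorted findings; an empty list means every check passed."""
    contexts, findings, owners = parse_contexts(cfg), [], defaultdict(list)
    for name, ctx in contexts.items():
        if ctx["config_url"] is None:
            findings.append(f"context {name} has no config-url")
        for ifc in ctx["interfaces"]:
            owners[ifc].append(name)
    for ifc, names in owners.items():
        if len(names) > 1:
            findings.append(f"{ifc} is allocated to several contexts: {', '.join(names)}")
    admin = re.search(r"^admin-context (\S+)", cfg, re.M)
    if admin is None or admin.group(1) not in contexts:
        findings.append("admin-context is missing or names an undefined context")
    return sorted(findings)

if __name__ == "__main__":
    print(audit(SYSTEM_CFG) or "no findings")
```

The configuration in the post passes all three checks: OA owns Ethernet0.1 and Ethernet1, FMIS owns Ethernet0.2 and Ethernet2, and no interface appears in both contexts.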