文档介绍:>enableciscoasa#configureterminalciscoasa(config)#<config>#usernamexxxpasswordxxxxxxencryptedprivilege15<config>#aaaauthenticationenableconsoleLOCAL<config>#consoleLOCAL<config>#aaaauthenticationhttpconsoleLOCAL<config>#aaaauthenticationsshconsoleLOCAL<config>#mandLOCAL<config>#httpserverenable<config>#<config>#<config>#<config>#cryptokeygeneratersa(打开SSH服务)//(config)#passwordcisco//远程密码asa5505(config)#enablepasswordcisco//(config)#interfacevlan2//进入vlan2asa5505(config-if)#//vlan2配置IPasa5505(config)#showipaddressvlan2//(config)#interfacee0/3//进入接口e0/3asa5505(config-if)#essvlan3//接口e0/3加入vlan3asa5505(config)#interfacevlan3//进入vlan3asa5505(config-if)#//vlan3配置IPasa5505(config-if)#nameifdmz//vlan3名asa5505(config-if)#noshutdown//开启asa5505(config-if)#showswitchvlan//(config)#mtuinside1500//inside最大传输单元1500字节asa5505(config)#mtuoutside1500//outside最大传输单元1500字节asa5505(config)#mtudmz1500//(config)#arptimeout14400//(config)#ftpmodepassive//(config)#domain-(config)#loggingenable//启动日志asa5505(config)#loggingasdminformational//启动asdm报告日志asa5505(config)#Showlogging//(config)#httpserverenable///启动HTTPserver,便于ASDM连接。asa5505(config)#//对外启用ASDM连接asa5505(config)#//-listacl_outextendedpermittcpanyanyeqwww//ess-listacl_outextendedpermittcpanyanyeqhttps//ess-//-//-//允许tcp协议14