本文参考:EVE环境下做一个ASA防火墙简单小实验_哔哩哔哩_bilibili
跟视频不同的是,两个路由器换成了VPC
EVE里的拓扑图如下
ASAv配置
#主机名,网卡ip配置 hostname ASA interface GigabitEthernet0/0 nameif Outside security-level 0 ip address 202.100.1.10 255.255.255.0 no shutdown interface GigabitEthernet0/1 nameif Inside security-level 100 ip address 10.1.1.10 255.255.255.0 no shutdown #路由配置 route outside 0 0 202.100.1.1 route Inside 10.1.0.0 255.255.0.0 10.1.1.1 #允许ping配置 access-list OUTSIDE_IN_ACL permit icmp any any echo-reply access-group OUTSIDE_IN_ACL in interface outside #保存 wr #重启 reload
Outside区域VPC1配置
#VPC1 ip 202.100.1.1/24 202.100.1.10 show ip #保存 save
Inside区域VPC2配置
#VPC2 ip 10.1.1.1/24 10.1.1.10 show ip #保存 save
VPC2pingVPC1结果,ping成功
VPC1pingVPC2结果,ping失败
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)