實驗要求:
1、 根據拓撲為防火墻/內網主機/互聯網設備配置IP地址
2、 配置PIX1(防火墻)配置訪問Internet基本配置
3、 配置PIX2上配置狀態化Failover-STANDBY
4、 配置PIX1上狀態化Failover-ACTIVE
實驗步驟
1、根據拓撲為防火墻/內網主機/互聯網設備配置 IP 地址;
R1:
ip route 0.0.0.0 0.0.0.0 192.168.1.254
2、配置 PIX1 配置訪問 INTERNET 基本配置;
PX1:
interface e1
no shutdown
nameif outside
security-level 0
ip address 100.1.1.254 255.255.255.0
interface e0
no shutdown
nameif inside
security-level 100
ip address 192.168.1.254 255.255.255.0
route outside 0.0.0.0 0.0.0.0 100.1.1.1
access-list NAT permit ip 192.168.1.0 255.255.255.0 any
nat (inside) 1 access-list NAT
global (outside) 1 interface
fixup protocol icmp
3、配置 PIX2 上配置狀態化 Failover-STANDBY;
interface e2
no shutdown
interface e3
no shutdown
failover
failover lan enable
failover key cisco
failover lan unit secondary
failover lan interface Failover e2
failover interface ip Failover 10.1.12.1 255.255.255.0 standby 10.1.12.2
failover link sta-failover e3
failover interface ip sta-failover 10.2.12.1 255.255.255.0 standby 10.2.12.2
4、配置 PIX1 上狀態化 Failover-ACTIVE,
interface e2
no shutdown
interface e3
no shutdown
failover
failover lan enable
failover key cisco
failover lan unit primary
failover lan interface Failover e2
failover interface ip Failover 10.1.12.1 255.255.255.0 standby 10.1.12.2
failover link sta-failover e3
failover interface ip sta-failover 10.2.12.1 255.255.255.0 standby 10.2.12.2
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/235913.html
標籤:其他
上一篇:kali Linux滲透測驗
下一篇:API自動化定時測驗