
ASA5500 Series Firewall configuration Manual

2025-01-20 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/01 Report--

Use the console cable login method

1. Use a Cisco console cable to connect the console port of the device to the COM port of the computer (use a USB-to-COM adapter on a notebook).

2. Connect to the device using HyperTerminal or SecureCRT.

Serial options: baud rate: 9600; data bits: 8; parity: none; stop bits: 1; flow control: RTS/CTS

After logging in to the device, the basic configuration commands are consistent with those of a Cisco router.

1. Set the hostname:

# hostname ASA5510

2. Set the time zone:

# clock timezone EST 7

3. Set the clock:

# clock set 12:00:00 1 FEB 2012

4. Configure the inner interface IP

# int Ethernet 0/0

# nameif inside

# security-level 100

# ip address 192.168.55.254 255.255.255.0

5. Configure the external interface IP

# int Ethernet 0/1

# nameif outside

# security-level 0

# ip address 210.X.X.X 255.255.255.248

6. Configure user name and password

# username admin password * encrypted privilege 15

Note: privilege 15 means the user has the highest permissions

7. Configure HTTP and TELNET

# aaa authentication telnet console LOCAL

# http server enable

# http 192.168.55.0 255.255.255.0 inside

# telnet 192.168.55.0 255.255.255.0 inside

8. Configure site to site *

# crypto map outside_map 20 match address outside_cryptomap_20_1

# crypto map outside_map 20 set pfs

# crypto map outside_map 20 set peer 210.75.1.X

# crypto map outside_map 20 set transform-set ESP-3DES-SHA

# crypto map outside_map 20 set nat-t-disable

# crypto map outside_map interface outside

To clear the configuration on a Cisco device, use: erase startup-config (removes the contents of NVRAM), then restart the router with reload

To clear the configuration on a Huawei device, use: reset saved-configuration, then restart the router with reboot

Cisco Router and switch password recovery topic: http://www.net130.com/CMS/Pub/special/special_pass word/index.htm

About keyboard shortcuts:

Ctrl+B (backward): move the cursor one character to the left

Ctrl+F (forward): move the cursor one character to the right

Ctrl+A: move the cursor to the beginning of the command

Ctrl+E (end): move the cursor to the end of the command

Esc+B (backward): move the cursor one word to the left

Esc+F (forward): move the cursor one word to the right

Ctrl+Z: return to privileged mode (Router#) in one step

About switching between modes: there are user mode (user EXEC mode), privileged mode (privileged EXEC mode), global configuration mode, and the specific configuration modes under global configuration mode (such as router interface configuration mode, router subinterface configuration mode, routing protocol configuration mode, line configuration mode, etc.). User mode is entered first after connecting to the router and is identified by the ">" prompt. In user mode you can only view the configuration and status of the router; you cannot configure it. To configure the router you must enter privileged mode. The command to enter privileged mode is: enable. If enable has a password, the correct password is required to enter privileged mode, which is identified by the "#" prompt. The command to enter global configuration mode from privileged mode is: configure terminal

The commands to enter each specific configuration mode from global configuration mode are as follows:

Privileged mode -> router interface configuration mode

interface serial ?? (serial port)

interface ethernet ?? (Ethernet port)

Privileged mode -> router subinterface configuration mode

Subinterface

Privileged mode -> routing protocol configuration mode

router rip

Privileged mode -> line configuration mode

line vty ??

Here are the commands and usage in each mode:

User mode: Router>

show, ping, telnet, connect: used in the same way as in privileged mode

Privileged mode: Router#

show users: view all users connected to the router

show hosts: view the mapping table of IP addresses and names

show arp: view the IP address resolution (ARP) table

show protocol: view the router's protocols

show version: view the IOS version and memory

show flash: view flash usage

show clock: view the time of the router

show history: view the last ten commands entered

show ip interface brief: view the IP settings and status of the interfaces

show interfaces: view the status of all ports on the router

show interfaces (specific port): view the status of a specific port on the router

show running-config: view the configuration file in RAM

show startup-config: view the configuration file in NVRAM

show cdp: view CDP information

show cdp entry (router): view a specific neighboring connected router

show cdp neighbors: view all adjacent connected routers

show cdp neighbors detail: view the details of all adjacent connected routers

show cdp traffic: view CDP packet information

show cdp ?? (port number): view CDP information for a specific port

show session: view the status of the original router during a remote login

clear cdp counters: clear the CDP counters

clear cdp table: clear the CDP information

copy running-config startup-config: copy the configuration file in RAM to NVRAM

copy startup-config running-config: copy the configuration file in NVRAM to RAM

copy tftp running-config: transfer the configuration file from the TFTP server to RAM

copy running-config tftp: transfer the configuration file from RAM to the TFTP server

ping ?? (name or ip): check the connectivity between the router and the remote router

telnet ?? (name or ip): log in to a remote router (login password required)

connect ?? (name or ip): same as telnet

traceroute ?? (name or ip): view the route that packets have taken

Global configuration mode: Router(config)#

hostname ? (name)

// configure the server side

ciscoasa(config)# crypto key generate rsa modulus 1024 // specifies the size of the RSA modulus. The higher the value, the longer it takes to generate the RSA key. It is recommended to use 1024 for cisco.

ciscoasa(config)# write mem // save the newly generated key

ciscoasa(config)# ssh 0.0.0.0 0.0.0.0 outside // 0.0.0.0 0.0.0.0 means that any external host can access the outside interface through SSH. You can also specify a specific host or network that may access the outside interface. outside can also be changed to inside, which means that the firewall is accessed from the internal network through SSH.

ciscoasa(config)# ssh timeout 30 // sets the timeout (in minutes)

ciscoasa(config)# ssh version 1 // specifies the SSH version; you can also choose version 2

// configure the client

ciscoasa(config)# passwd password // the password specified in the passwd command is the remote access password, which also applies to telnet
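Added example (not part of the original article): a short Python check that scans the management and VPN commands from steps 7 and 8 and from the SSH section above, and reports the settings a reviewer would question before applying them: Telnet access, SSH version 1, SSH open to 0.0.0.0 0.0.0.0, a 1024-bit RSA key and a 3DES transform set. The function name, the rule labels and the 2048-bit threshold are assumptions of this example.

```python
import re

# Constructed input: management and VPN commands copied from this page's walkthrough.
PAGE_COMMANDS = """\
aaa authentication telnet console LOCAL
http server enable
http 192.168.55.0 255.255.255.0 inside
telnet 192.168.55.0 255.255.255.0 inside
crypto map outside_map 20 set transform-set ESP-3DES-SHA
crypto key generate rsa modulus 1024
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 30
ssh version 1
"""

MIN_RSA_BITS = 2048  # assumption: smallest modulus this check accepts


def audit(commands):
    """Return (line_no, rule_id, detail) for each weak management/VPN setting.

    Rule ids are hypothetical labels used only by this example.
    """
    findings = []
    for no, raw in enumerate(commands.splitlines(), 1):
        line = " ".join(raw.split()).lower()  # normalise spacing and case
        # Access rules have the form: <service> <network> <mask> <interface>
        acl = re.fullmatch(r"(ssh|telnet|http) (\S+) (\S+) (\S+)", line)
        if acl and acl[1] == "telnet":
            findings.append((no, "TELNET", f"cleartext Telnet allowed on {acl[4]}"))
        if acl and (acl[2], acl[3]) == ("0.0.0.0", "0.0.0.0"):
            findings.append((no, "ANY_SOURCE", f"{acl[1]} open to any host on {acl[4]}"))
        if line == "ssh version 1":
            findings.append((no, "SSH_V1", "SSH protocol version 1 selected"))
        rsa = re.fullmatch(r"crypto key generate rsa modulus (\d+)", line)
        if rsa and int(rsa[1]) < MIN_RSA_BITS:
            findings.append((no, "RSA_SMALL", f"{rsa[1]}-bit RSA key"))
        # Heuristic: a transform-set is referenced by name only; judge it by that name.
        if re.search(r"set transform-set\b.*\besp-3?des\b", line):
            findings.append((no, "WEAK_ESP", "transform-set name indicates DES/3DES"))
    return findings


if __name__ == "__main__":
    for no, rule, detail in audit(PAGE_COMMANDS):
        print(f"line {no}: {rule}: {detail}")
```

A command list that restricts SSH to the inside network, selects ssh version 2, generates a 2048-bit key and references an AES transform set produces no findings.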
