ASA 5505

Tutto ciò che ha a che fare con la configurazione di apparati Cisco (e non rientra nelle altre categorie)

Moderatore: Federico.Lagni

Rispondi
larosa01
n00b
Messaggi: 1
Iscritto il: gio 01 ott , 2015 8:45 pm

Salve , sto cercando da qualche giorno a configurare un asa5505 per l'accesso a asdm ma da internet Explorer mi compare "Attiva TLS 1.0, TLS 1.1 e TLS 1.2" però nella configurazione di internet risultano attivi. cosa sto sbagliando ?

è lo show version

Vi ringrazio anticipatamente.


questa è la configurazione:



: Serial Number:
: Hardware: ASA5505, 256 MB RAM, CPU Geode 500 MHz
: Written by enable_15 at 05:47:47.459 UTC Sat Oct 10 2015
!
ASA Version 9.2(4)
!
hostname

names
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.2.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
!
ftp mode passive
object network obj_any
subnet 0.0.0.0 0.0.0.0
pager lines 24
logging asdm informational
mtu outside 1500
mtu inside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-751.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
!
object network obj_any
nat (inside,outside) dynamic interface
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authorization exec authentication-server
http server enable
http 192.168.2.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpool policy
telnet timeout 5
no ssh stricthostkeycheck
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
management-access inside

dhcpd dns 8.8.8.8
dhcpd auto_config outside
!
dhcpd address 192.168.2.5-192.168.2.36 inside
dhcpd enable inside
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
username ************ password ************ encrypted
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:a309b225bc3a819285e597686e63c795
: end



versione:



Cisco Adaptive Security Appliance Software Version 9.2(4)
Device Manager Version 7.5(1)

Compiled on Tue 14-Jul-15 22:19 by builders
System image file is "disk0:/asa924-k8.bin"
Config file at boot was "startup-config"

firts01 up 42 mins 24 secs

Hardware: ASA5505, 256 MB RAM, CPU Geode 500 MHz,
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW080 @ 0xfff00000, 1024KB

Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode : CNLite-MC-SSLm-PLUS-2.06
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.09
Number of accelerators: 1

0: Int: Internal-Data0/0 : address is 001d.a2e4.8831, irq 11
1: Ext: Ethernet0/0 : address is 001d.a2e4.8829, irq 255
2: Ext: Ethernet0/1 : address is 001d.a2e4.882a, irq 255
3: Ext: Ethernet0/2 : address is 001d.a2e4.882b, irq 255
4: Ext: Ethernet0/3 : address is 001d.a2e4.882c, irq 255
5: Ext: Ethernet0/4 : address is 001d.a2e4.882d, irq 255
6: Ext: Ethernet0/5 : address is 001d.a2e4.882e, irq 255
7: Ext: Ethernet0/6 : address is 001d.a2e4.882f, irq 255
8: Ext: Ethernet0/7 : address is 001d.a2e4.8830, irq 255
9: Int: Internal-Data0/1 : address is 0000.0003.0002, irq 255
10: Int: Not used : irq 255
11: Int: Not used : irq 255
The Running Activation Key is not valid, using default settings:

Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
VLANs : 3 DMZ Restricted
Dual ISPs : Disabled perpetual
VLAN Trunk Ports : 0 perpetual
Inside Hosts : 10 perpetual
Failover : Disabled perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 10 perpetual
Total VPN Peers : 12 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
Cluster : Disabled perpetual

This platform has a Base license.

Serial Number:
Running Permanent Activation Key: 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
Configuration register is 0x1
Configuration last modified by enable_15 at 05:39:25.669 UTC Sat Oct 10 2015
Top
Rispondi

Torna a “Configurazioni”