forum.opennet.ru

Составление сообщения

Исходное сообщение

"ASA 5520"
Отправлено s.sosnin, 25-Авг-09 14:40

>Подскажите, можно ли управлять данным девайсом посредством ASDM, если девайс находится в
>режиме firewall transparent?
>перевел в прозрачный режим, ASDM отвалился, ip железяке назначен, пингуется, но ASDM
>не соединяется...
Transparent Firewall Guidelines
Follow these guidelines when planning your transparent firewall network:
•For IPv4, a management IP address is required for both management traffic and for traffic to pass through the adaptive security appliance. For multiple context mode, an IP address is required for each context.
Unlike routed mode, which requires an IP address for each interface, a transparent firewall has an IP address assigned to the entire device. The adaptive security appliance uses this IP address as the source address for packets originating on the adaptive security appliance, such as system messages or AAA communications.
The management IP address must be on the same subnet as the connected network. You cannot set the subnet to a host subnet (255.255.255.255).
For IPv6, at a minimum you need to configure link-local addresses for each interface for through traffic. For full functionality, including the ability to manage the adaptive security appliance, you need to configure a global IP address for the device.
You can configure an IP address (both IPv4 and IPv6) for the Management 0/0 or Management 0/1 management-only interface. This IP address can be on a separate subnet from the main management IP address.
•The transparent adaptive security appliance uses an inside interface and an outside interface only. If your platform includes a dedicated management interface, you can also configure the management interface or subinterface for management traffic only.
In single mode, you can only use two data interfaces (and the dedicated management interface, if available) even if your security appliance includes more than two interfaces.
•Each directly connected network must be on the same subnet.
•Do not specify the adaptive security appliance management IP address as the default gateway for connected devices; devices need to specify the router on the other side of the adaptive security appliance as the default gateway.

Исходное сообщение
"ASA 5520" Отправлено s.sosnin, 25-Авг-09 14:40
>Подскажите, можно ли управлять данным девайсом посредством ASDM, если девайс находится в >режиме firewall transparent? >перевел в прозрачный режим, ASDM отвалился, ip железяке назначен, пингуется, но ASDM >не соединяется... Transparent Firewall Guidelines Follow these guidelines when planning your transparent firewall network: •For IPv4, a management IP address is required for both management traffic and for traffic to pass through the adaptive security appliance. For multiple context mode, an IP address is required for each context. Unlike routed mode, which requires an IP address for each interface, a transparent firewall has an IP address assigned to the entire device. The adaptive security appliance uses this IP address as the source address for packets originating on the adaptive security appliance, such as system messages or AAA communications. The management IP address must be on the same subnet as the connected network. You cannot set the subnet to a host subnet (255.255.255.255). For IPv6, at a minimum you need to configure link-local addresses for each interface for through traffic. For full functionality, including the ability to manage the adaptive security appliance, you need to configure a global IP address for the device. You can configure an IP address (both IPv4 and IPv6) for the Management 0/0 or Management 0/1 management-only interface. This IP address can be on a separate subnet from the main management IP address. •The transparent adaptive security appliance uses an inside interface and an outside interface only. If your platform includes a dedicated management interface, you can also configure the management interface or subinterface for management traffic only. In single mode, you can only use two data interfaces (and the dedicated management interface, if available) even if your security appliance includes more than two interfaces. •Each directly connected network must be on the same subnet. •Do not specify the adaptive security appliance management IP address as the default gateway for connected devices; devices need to specify the router on the other side of the adaptive security appliance as the default gateway.

Ваше сообщение

Имя*:

EMail:

Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email).
Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.

Заголовок*:

Сообщение*:

При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру