cisco防火墙配置怎么设置（思科cisco的asa防火墙排错命令packet-tracer）

小君 2023-01-02 06:02:25 420

cisco防火墙配置怎么设置（思科cisco的asa防火墙排错命令packet-tracer）MAC Access listAdditional Information:Result: ALLOWConfig:Implicit Rule

cisco防火墙配置怎么设置（思科cisco的asa防火墙排错命令packet-tracer）(1)

ciscoasa# packet-tracer input inside tcp 172.16.1.1 telnet 202.100.1.1 telnet //模拟inside接口进来的地址172.16.1.1 telnet到outside接口的下一跳202.100.1.1

Phase: 1

Type: ACCESS-LIST

Subtype:

Result: ALLOW

Config:

Implicit Rule

Additional Information:

MAC Access list

Phase: 2 //查找到达202.100.1.0的路由

Type: ROUTE-LOOKUP

Subtype: input

Result: ALLOW

Config:

Additional Information:

in 202.100.1.0 255.255.255.0 outside

Phase: 3

Type: IP-OPTIONS

Subtype:

Result: ALLOW

Config:

Additional Information:

Phase: 4 //做nat 转换把172.16.1.1 23号端口转换成202.100.1.10的357端口

Type: NAT

Subtype:

Result: ALLOW

Config:

object network inside2outside

nat (inside outside) dynamic interface

Additional Information:

Dynamic translate 172.16.1.1/23 to 202.100.1.10/357

Phase: 5

Type: IP-OPTIONS

Subtype:

Result: ALLOW

Config:

Additional Information:

Phase: 6

Type: FLOW-CREATION

Subtype:

Result: ALLOW

Config:

Additional Information:

New flow created with id 7 packet dispatched to next module

Result: // 最终结果是allow

input-interface: inside

input-status: up

input-line-status: up

output-interface: outside

output-status: up

output-line-status: up

Action: allow

网站首页

返回栏目

cisco防火墙配置怎么设置（思科cisco的asa防火墙排错命令packet-tracer）

猜您喜欢：

相关文章