1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
| FW(config)# hostname FW
FW(config)# interface GigabitEthernet0/0
FW(config-if)# nameif inside
FW(config-if)# security-level 100
FW(config-if)# ip address 172.16.10.254 255.255.255.0
FW(config-if)# no shutdown
FW(config)# interface GigabitEthernet0/1
FW(config-if)# nameif dmz
FW(config-if)# security-level 50
FW(config-if)# ip address 172.16.20.254 255.255.255.0
FW(config-if)# no shutdown
FW(config)# interface GigabitEthernet0/2
FW(config-if)# nameif office
FW(config-if)# security-level 70
FW(config-if)# ip address 172.16.30.254 255.255.255.0
FW(config-if)# no shutdown
FW(config)# interface GigabitEthernet0/3
FW(config-if)# nameif outside
FW(config-if)# security-level 0
FW(config-if)# ip address 2.61.243.1 255.255.255.0
FW(config-if)# no shutdown
FW(config-if)# router eigrp 100
FW(config-router)# network 172.16.10.0 255.255.255.0
FW(config-router)# network 172.16.20.0 255.255.255.0
FW(config-router)# network 172.16.30.0 255.255.255.0
FW(config-router)# network 2.61.243.0 255.255.255.0
FW(config)# object network out
FW(config-network-object)# host 172.16.30.2
FW(config-network-object)# nat (office,outside) static 2.61.243.3
FW(config)# access-list outside extended permit host 185.6.12.1 172.16.20.0 255.255.255.0
FW(config)# access-list outside extended permit ip any host 172.16.30.2
FW(config)# access-list dmz extended permit icmp any any
FW(config)# access-list office extended permit icmp any any
FW(config)# access-list inside extended permit icmp any any
FW(config)# access-group inside in interface inside
FW(config)# access-group dmz in interface dmz
FW(config)# access-group office in interface office
FW(config)# access-group outside in interface outside
|
