no failover
asdm image disk0:/asdm504.bin
no asdm history enable
arp outside 222.66.83.19 0013.c482.3ffc
arp timeout 14400
global (outside) 1 222.66.83.19 netmask 255.255.255.255
nat (inside_data) 0 access-list NONAT
nat (inside_data) 1 access-list HIDING
nat (inside_voice) 0 access-list NONAT
nat (secure) 0 access-list NONAT
nat (sprint) 0 access-list NONAT
access-group POLICY in interface inside_data
access-group POLICY in interface web
access-group POLICY in interface sprint
access-group POLICY in interface outside
route inside_data 172.26.23.0 255.255.255.0 172.26.24.17 1
route inside_data 172.26.10.0 255.255.255.0 172.26.24.17 1
route inside_data 172.26.25.0 255.255.255.0 172.26.24.17 1
route inside_data 172.26.22.0 255.255.255.0 172.26.24.17 1
route inside_data 172.26.16.0 255.255.255.0 172.26.24.17 1
route inside_data 172.26.18.0 255.255.255.0 172.26.24.17 1
route sprint 172.16.0.0 255.240.0.0 172.26.24.10 1
route sprint 10.0.0.0 255.0.0.0 172.26.24.10 1
route sprint 192.168.0.0 255.255.0.0 172.26.24.10 1
route outside 0.0.0.0 0.0.0.0 222.66.83.17 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
username wafersys password N3432S3svONQ.rWm encrypted
username rdcafwadmin password iqtp6BSrFydQnyAe encrypted
aaa authentication ssh console LOCAL
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
virtual telnet 172.26.24.19
auth-prompt prompt Please enter your username and password
auth-prompt accept Authentication succeeded.
auth-prompt reject Authentication failed. Try again.
telnet timeout 5
ssh scopy enable
ssh 172.22.161.0 255.255.255.0 inside_data
ssh 172.22.163.0 255.255.255.0 inside_data
ssh 172.26.18.0 255.255.255.0 inside_data
ssh timeout 60
ssh version 2
console timeout 0
management-access inside_data
!
class-map my-ips-class
 match access-list IPS
class-map Voip
 match dscp cs3 ef
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map global_policy
 class inspection_default
  inspect dns maximum-length 512
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny
  inspect esmtp
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp
 class my-ips-class
  ips promiscuous fail-open
policy-map qos
 class Voip
  priority
policy-map my-ips-policy
 class my-ips-class
  ips promiscuous fail-open
!
service-policy global_policy global
ntp server 202.108.158.139
Cryptochecksum:c46fbf0ead94c0a5c60d415f8b5ce82b
: end
shafw01(config)# sh ver
Cisco Adaptive Security Appliance Software Version 7.0(4)
Device Manager Version 5.0(4)
Compiled on Thu 13-Oct-05 21:43 by builders
System image file is "disk0:/asa704-k8.bin"
Config file at boot was "startup-config"
shafw01 up 47 mins 3 secs
Hardware: ASA5520, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 64MB
BIOS Flash AT49LW080: @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CNlite-MC-Boot-Cisco-1.2
SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04
0: Ext: GigabitEthernet0/0 : address is 0013.c482.3ff8, irq 9
1: Ext: GigabitEthernet0/1 : address is 0013.c482.3ff9, irq 9
2: Ext: GigabitEthernet0/2 : address is 0013.c482.3ffa, irq 9
3: Ext: GigabitEthernet0/3 : address is 0013.c482.3ffb, irq 9
4: Ext: Management0/0 : address is 0013.c482.3ffc, irq 11
5: Int: Internal-Data0/0 : address is 0000.0001.0002, irq 11
6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 25
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 300
This platform has a Base license.
Serial Number: JMX0949K06H
Running Activation Key: 0x7626e778 0xf831bcc6 0x445328fc 0x84003414 0x0e1bcb8a
Configuration register is 0x1
Configuration last modified by enable_15 at 16:29:59.641 cet Thu Feb 16 2006
shafw01(config)#
shafw01(config)# sh int ip brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 unassigned YES unset up up
GigabitEthernet0/0.150 172.26.24.18 YES CONFIG up up
GigabitEthernet0/0.151 10.48.8.1 YES CONFIG up up
GigabitEthernet0/1 unassigned YES unset up up
GigabitEthernet0/1.161 172.26.30.1 YES CONFIG up up
GigabitEthernet0/1.163 172.26.31.1 YES CONFIG up up
GigabitEthernet0/2 unassigned YES unset administratively down down
GigabitEthernet0/3 unassigned YES unset up up
GigabitEthernet0/3.154 172.26.24.9 YES CONFIG up up
Internal-Control0/0 127.0.1.1 YES unset up up
Internal-Data0/0 unassigned YES unset up up
Management0/0 222.66.83.18 YES CONFIG up up
shafw01(config)#
Reprinted from: http://www.net130.com/CMS/Pub/Tech/tech_instance/2006_06_05_189.htm