Scribd Logo
Upload

Welcome to Scribd!

  • QWE

    Uploaded by

    Anonymous XM3KoTUTg
    31 views10 pages
    asd

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    asd

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    31 views10 pages

    QWE

    Uploaded by

    Anonymous XM3KoTUTg
    asd

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 10

    *******************

    FW INTERNET LPZ
    *******************
    *******************
    ingresar con usuario: bmendoza
    *******************
    enable [password]

    configure terminal

    ***************
    ASA LPZ- 12.164
    ***************

    IP de Desarrollo de la EDV - 192.168.100.192 Puertos 8282, 12080

    object-group service DESARROLLO-EDV1


    service-object tcp eq 8282

    object-group service DESARROLLO-EDV2


    service-object tcp eq 12080

    access-list BME-EDV extended permit ip 172.17.193.0 255.255.255.224 192.168.100.0


    255.255.255.0
    access-list BME-EDV extended permit ip 172.17.218.32 255.255.255.224 192.168.100.0
    255.255.255.0
    access-list BME-EDV extended permit tcp 172.16.0.0 255.255.0.0 192.168.100.0
    255.255.255.0 eq 8282
    access-list BME-EDV extended permit tcp 172.16.0.0 255.255.0.0 192.168.100.0
    255.255.255.0 eq 12080
    access-list BME-EDV extended permit tcp 172.17.193.0 255.255.255.224 192.168.100.0
    255.255.255.0 eq 8282
    access-list BME-EDV extended permit tcp 172.17.218.32 255.255.255.224 192.168.100.0
    255.255.255.0 eq 12080

    IP de Desarrollo de la ACCL - 172.21.0.53 Puertos 80,443

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.165 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.166 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.167 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.168 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.169 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.170 eq https
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.171 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.172 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.173 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.174 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.175 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.176 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.177 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.178 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.179 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.180 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.181 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.182 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.183 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.184 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.185 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.186 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.187 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.188 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.189 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.190 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.191 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.192 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.193 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.194 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.195 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.196 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.197 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.198 eq https

    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.199 eq http
    access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.200 eq https

    static (inside,DMZ-ASOBAN) tcp 172.21.130.165 http 172.16.182.140 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.166 https 172.16.182.140 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.167 http 172.16.31.119 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.168 https 172.16.31.119 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.169 http 172.16.31.108 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.170 https 172.16.31.108 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.171 http 172.16.31.122 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.172 https 172.16.31.122 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.173 http 172.16.31.121 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.174 https 172.16.31.121 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.175 http 172.16.31.124 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.176 https 172.16.31.124 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.177 http 172.16.31.116 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.178 https 172.16.31.116 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.179 http 172.16.31.76 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.180 https 172.16.31.76 https netmask
    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.181 http 172.16.31.113 http netmask
    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.182 https 172.16.31.113 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.183 http 172.16.31.115 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.184 https 172.16.31.115 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.185 http 172.16.31.114 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.186 https 172.16.31.114 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.187 http 172.16.31.90 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.188 https 172.16.31.90 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.189 http 172.16.31.101 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.190 https 172.16.31.101 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.191 http 172.16.31.105 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.192 https 172.16.31.105 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.193 http 172.16.31.87 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.194 https 172.16.31.87 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.195 http 172.16.31.126 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.196 https 172.16.31.126 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.197 http 172.16.31.117 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.198 https 172.16.31.117 https netmask
    255.255.255.255

    static (inside,DMZ-ASOBAN) tcp 172.21.130.199 172.17.193.0 netmask 255.255.255.224


    static (inside,DMZ-ASOBAN) tcp 172.21.130.200 172.17.218.32 https netmask
    255.255.255.224

    IP de Desarrollo de la ASFI - 172.21.65.107 Puertos 80,443

    access-list NAT1-ASOBAN extended permit ip 172.17.193.0 255.255.255.224


    172.21.65.0 255.255.255.0
    access-list NAT1-ASOBAN extended permit ip 172.17.218.32 255.255.255.224
    172.21.65.0 255.255.255.0
    ************
    ASA INTERNET
    ************

    object-group network hosts-vpn-ATC-NAZIR

    network-object host 172.16.31.119


    network-object host 172.16.31.108
    network-object host 172.16.31.124
    network-object host 172.16.31.116
    network-object host 172.16.31.76
    network-object host 172.16.31.113
    network-object host 172.16.31.114
    network-object host 172.16.31.90
    network-object host 172.16.31.101
    network-object host 172.16.31.105
    network-object host 172.16.31.126
    network-object host 172.16.31.117
    network-object 172.17.193.0 255.255.255.224
    network-object 172.17.218.32 255.255.255.224

    wr

    ****************
    obtener backup
    ****************
    *Habilitar logging en terminal putty
    terminal pager 0
    show running-config

    copiar el archivo obtenido al NAS, en la direccin:


    \\srvnasbme\sucursales\Accesos_a_Produccion\Redes_y_Telecomunicaciones?

    --------------------------

    *******************
    FW INTERNET LPZ
    *******************
    *******************
    ingresar con usuario: bmendoza
    *******************
    enable [password]

    configure terminal

    ***************
    ASA LPZ- 12.164
    ***************

    IP de Desarrollo de la EDV - 192.168.100.192 Puertos 8282, 12080


    no object-group service DESARROLLO-EDV1
    service-object tcp eq 8282

    no object-group service DESARROLLO-EDV2


    service-object tcp eq 12080

    no access-list BME-EDV extended permit ip 172.17.193.0 255.255.255.224


    192.168.100.0 255.255.255.0
    no access-list BME-EDV extended permit ip 172.17.218.32 255.255.255.224
    192.168.100.0 255.255.255.0
    no access-list BME-EDV extended permit tcp 172.16.0.0 255.255.0.0 192.168.100.0
    255.255.255.0 eq 8282
    no access-list BME-EDV extended permit tcp 172.16.0.0 255.255.0.0 192.168.100.0
    255.255.255.0 eq 12080
    no access-list BME-EDV extended permit tcp 172.17.193.0 255.255.255.224
    192.168.100.0 255.255.255.0 eq 8282
    no access-list BME-EDV extended permit tcp 172.17.218.32 255.255.255.224
    192.168.100.0 255.255.255.0 eq 12080

    IP de Desarrollo de la ACCL - 172.21.0.53 Puertos 80,443

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.165 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.166 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.167 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.168 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.169 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.170 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.171 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.172 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.173 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.174 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.175 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.176 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.177 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.178 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.179 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.180 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.181 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.182 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.183 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.184 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.185 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.186 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.187 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.188 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.189 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.190 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.191 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.192 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.193 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.194 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.195 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.196 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.197 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.198 eq https

    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host


    172.21.130.199 eq http
    no access-list DMZ-ASOBAN_access_in extended permit tcp host 172.21.0.53 host
    172.21.130.200 eq https
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.165 http 172.16.182.140 http netmask
    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.166 https 172.16.182.140 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.167 http 172.16.31.119 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.168 https 172.16.31.119 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.169 http 172.16.31.108 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.170 https 172.16.31.108 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.171 http 172.16.31.122 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.172 https 172.16.31.122 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.173 http 172.16.31.121 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.174 https 172.16.31.121 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.175 http 172.16.31.124 http netmask


    255.255.255.255
    static (inside,DMZ-ASOBAN) tcp 172.21.130.176 https 172.16.31.124 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.177 http 172.16.31.116 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.178 https 172.16.31.116 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.179 http 172.16.31.76 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.180 https 172.16.31.76 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.181 http 172.16.31.113 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.182 https 172.16.31.113 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.183 http 172.16.31.115 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.184 https 172.16.31.115 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.185 http 172.16.31.114 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.186 https 172.16.31.114 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.187 http 172.16.31.90 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.188 https 172.16.31.90 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.189 http 172.16.31.101 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.190 https 172.16.31.101 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.191 http 172.16.31.105 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.192 https 172.16.31.105 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.193 http 172.16.31.87 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.194 https 172.16.31.87 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.195 http 172.16.31.126 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.196 https 172.16.31.126 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.197 http 172.16.31.117 http netmask


    255.255.255.255
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.198 https 172.16.31.117 https netmask
    255.255.255.255

    no static (inside,DMZ-ASOBAN) tcp 172.21.130.199 172.17.193.0 netmask


    255.255.255.224
    no static (inside,DMZ-ASOBAN) tcp 172.21.130.200 172.17.218.32 https netmask
    255.255.255.224

    IP de Desarrollo de la ASFI - 172.21.65.107 Puertos 80,443

    no access-list NAT1-ASOBAN extended permit ip 172.17.193.0 255.255.255.224


    172.21.65.0 255.255.255.0
    no access-list NAT1-ASOBAN extended permit ip 172.17.218.32 255.255.255.224
    172.21.65.0 255.255.255.0

    ************
    ASA INTERNET
    ************

    object-group network hosts-vpn-ATC-NAZIR

    no network-object host 172.16.31.119


    no network-object host 172.16.31.108
    no network-object host 172.16.31.124
    no network-object host 172.16.31.116
    no network-object host 172.16.31.76
    no network-object host 172.16.31.113
    no network-object host 172.16.31.114
    no network-object host 172.16.31.90
    no network-object host 172.16.31.101
    no network-object host 172.16.31.105
    no network-object host 172.16.31.126
    no network-object host 172.16.31.117
    no network-object 172.17.193.0 255.255.255.224
    no network-object 172.17.218.32 255.255.255.224

    wr

    ****************
    obtener backup
    ****************
    *Habilitar logging en terminal putty
    terminal pager 0
    show running-config

    copiar el archivo obtenido al NAS, en la direccin:


    \\srvnasbme\sucursales\Accesos_a_Produccion\Redes_y_Telecomunicaciones?

    You might also like