Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absoluteĭynamic-access-policy-record DfltAccessPolicyĪaa-server PolicyServer (inside) host 10.0.1.1 Nat (inside,outside) static interface service tcp 3389 3389Īccess-group outside_access_in in interface outside Nat (inside,outside) static interface service tcp https https Nat (inside,outside) static interface service tcp 8080 8080 Nat (inside,outside) static interface service tcp www www Nat (inside,outside) source static any any destination static NETWORK_OBJ_10.50.50.0_25 NETWORK_OBJ_10.50.50.0_25 no-proxy-arp route-lookup Nat (inside,outside) source static Site-A-Network Site-A-Network destination static Site-B-Network Site-B-Network no-proxy-arp route-lookup Icmp unreachable rate-limit 1 burst-size 1 Service-object tcp-udp destination eq 3389Īccess-list outside_cryptomap extended permit ip object Site-A-Network object Site-B-NetworkĪccess-list outside_access_in extended permit tcp any4 object Web-Server eq eq domainĪccess-list guest_in extended permit udp any4 host 208.67.220.220 eq domainĪccess-list guest_in extended deny udp any4 any4 eq domainĪccess-list guest_in extended permit ip any4 any4 Object-group service RemoteDesktopServices Service tcp source eq 3389 destination eq 3389 Xlate per-session deny udp any6 any6 eq domain Xlate per-session deny udp any6 any4 eq domain Xlate per-session deny udp any4 any6 eq domain
Xlate per-session deny udp any4 any4 eq domain Result of the command: "show running-config"Įnable password Yn8Esq3NcXIH元5v encrypted Want I want to accomplish is that I can manage an access point on the guest network without the guest network being able to talk to the inside network.
I have a Cisco ASA 5505 that hosts VLAN 1(inside) VLAN 2 (outside) VLAN 3 ( Guest ) I have it setup so the Guest and the Inside can't talk to eachother, and DHCP is issued out on the Guest network from the ASA.
0 kommentar(er)
