Im making an attempt to get pinging/telnet enabled for a sure port so i can get by from outdoors to inside or vise versa. Simply making an attempt to determine the configuration to get there.
I’ve made my inside community and my outdoors community.
Firewall mannequin is Cisco 5520 ASA
ciscoasa# sh access-lis
access-list cached ACL log flows: whole 0, denied 0 (deny-flow-max 4096)
alert-interval 300
access-list 101; 4 components; title hash: 0xe7d586b5
access-list 101 line 1 prolonged allow icmp any any echo-reply (hitcnt=0) 0x0309 01cd
access-list 101 line 2 prolonged allow icmp any any source-quench (hitcnt=0) 0x8 bddfde8
access-list 101 line 3 prolonged allow icmp any any unreachable (hitcnt=0) 0x89d 18f69
access-list 101 line 4 prolonged allow icmp any any time-exceeded (hitcnt=0) 0x1 2127ce7
access-list outside_access_in; 5 components; title hash: 0x6892a938
access-list outside_access_in line 1 prolonged allow icmp object outside3560 obj ect inside3560 (hitcnt=0) 0x4f1148e6
access-list outside_access_in line 1 prolonged allow icmp host 192.168.2.21 ho st 192.168.1.11 (hitcnt=0) 0x4f1148e6
access-list outside_access_in line 2 prolonged allow icmp object outside3560 obj ect inside3560 object-group ping (hitcnt=0) 0xc892322e
access-list outside_access_in line 2 prolonged allow icmp host 192.168.2.21 ho st 192.168.1.11 echo (hitcnt=0) 0x8d896526
access-list outside_access_in line 2 prolonged allow icmp host 192.168.2.21 ho st 192.168.1.11 echo-reply (hitcnt=0) 0xd3bb9910
access-list outside_access_in line 3 prolonged allow icmp object outside23560 ob ject inside35602 object-group ping (hitcnt=0) 0xa79083e6
access-list outside_access_in line 3 prolonged allow icmp host 192.168.2.21 ho st 192.168.1.12 echo (hitcnt=0) 0xca21b676
access-list outside_access_in line 3 prolonged allow icmp host 192.168.2.21 ho st 192.168.1.12 echo-reply (hitcnt=0) 0x5ca247e8
access-list inside; 1 components; title hash: 0x45467dcb
access-list inside line 1 prolonged allow icmp host 192.168.1.11 host 192.168.2. 21 (hitcnt=0) 0x00b26fe3
access-list outdoors; 1 components; title hash: 0x1a47dec4
access-list outdoors line 1 prolonged allow icmp host 192.168.2.21 host 192.168.1 .11 (hitcnt=0) 0x4310bc47
3560 Inside change:
L3Switch1#sh run
Constructing configuration...
Present configuration : 1542 bytes
!
model 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname L3Switch1
!
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
!
!
no file confirm auto
spanning-tree mode pvst
spanning-tree lengthen system-id
!
vlan inner allocation coverage ascending
!
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
switchport entry vlan 10
switchport mode entry
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
switchport entry vlan 10
switchport mode entry
!
interface GigabitEthernet0/28
!
interface Vlan1
no ip deal with
!
interface Vlan10
ip deal with 192.168.1.11 255.255.255.0
!
ip classless
ip http server
!
!
!
control-plane
!
!
line con 0
line vty 0 4
password cisco
login
line vty 5 15
login
!
finish
3560 outdoors change:
TransitSw# sh run
Constructing configuration...
Present configuration : 1839 bytes
!
model 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname TransitSw
!
!
no aaa new-model
system mtu routing 1500
vtp mode clear
ip subnet-zero
!
!
!
!
no file confirm auto
spanning-tree mode pvst
spanning-tree lengthen system-id
!
vlan inner allocation coverage ascending
!
vlan 10
title inside-vlan
!
vlan 20,30,40,112-113
!
vlan 210
title netmon
!
vlan 439
title radio
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
switchport entry vlan 10
switchport mode entry
!
interface GigabitEthernet0/22
switchport entry vlan 10
switchport mode entry
!
interface GigabitEthernet0/23
switchport entry vlan 10
switchport mode entry
!
interface GigabitEthernet0/24
!
interface Vlan1
no ip deal with
no ip route-cache
!
interface Vlan10
ip deal with 192.168.1.12 255.255.255.0
no ip route-cache
!
interface Vlan20
ip deal with 192.168.20.14 255.255.255.0
no ip route-cache
!
interface Vlan30
ip deal with 192.168.30.14 255.255.255.0
no ip route-cache
!
interface Vlan40
ip deal with 192.168.40.14 255.255.255.0
no ip route-cache
!
ip http server
!
control-plane
!
!
line con 0
line vty 0 4
password cisco
login
line vty 5 15
login
!
finish
2960 Transmittor change thats additionally inside:
Change#sh run
Constructing configuration...
Present configuration : 3170 bytes
!
model 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Change
!
allow password cisco
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
!
!
!
!
no file confirm auto
spanning-tree mode pvst
spanning-tree lengthen system-id
!
vlan inner allocation coverage ascending
!
!
interface FastEthernet0/1
switchport entry vlan 10
!
interface FastEthernet0/2
switchport entry vlan 10
!
interface FastEthernet0/3
switchport entry vlan 10
!
interface FastEthernet0/4
switchport entry vlan 10
!
interface FastEthernet0/5
switchport entry vlan 10
!
interface FastEthernet0/6
switchport entry vlan 20
!
interface FastEthernet0/7
switchport entry vlan 20
!
interface FastEthernet0/8
switchport entry vlan 20
!
interface FastEthernet0/9
switchport entry vlan 20
!
interface FastEthernet0/10
switchport entry vlan 20
!
interface FastEthernet0/11
switchport entry vlan 30
!
interface FastEthernet0/12
switchport entry vlan 30
!
interface FastEthernet0/13
switchport entry vlan 30
!
interface FastEthernet0/14
switchport entry vlan 30
!
interface FastEthernet0/15
switchport entry vlan 30
!
interface FastEthernet0/16
switchport entry vlan 40
!
interface FastEthernet0/17
switchport entry vlan 40
!
interface FastEthernet0/18
switchport entry vlan 40
!
interface FastEthernet0/19
switchport entry vlan 40
!
interface FastEthernet0/20
switchport entry vlan 40
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface FastEthernet0/25
!
interface FastEthernet0/26
!
interface FastEthernet0/27
!
interface FastEthernet0/28
!
interface FastEthernet0/29
!
interface FastEthernet0/30
!
interface FastEthernet0/31
!
interface FastEthernet0/32
!
interface FastEthernet0/33
!
interface FastEthernet0/34
!
interface FastEthernet0/35
!
interface FastEthernet0/36
!
interface FastEthernet0/37
!
interface FastEthernet0/38
!
interface FastEthernet0/39
!
interface FastEthernet0/40
!
interface FastEthernet0/41
!
interface FastEthernet0/42
!
interface FastEthernet0/43
!
interface FastEthernet0/44
!
interface FastEthernet0/45
!
interface FastEthernet0/46
!
interface FastEthernet0/47
!
interface FastEthernet0/48
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
switchport entry vlan 10
switchport mode entry
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface Vlan1
ip deal with 10.0.0.1 255.255.255.0
!
interface Vlan10
ip deal with 192.168.2.21 255.255.255.0
standby 1 ip 192.168.10.15
standby 1 preempt
!
interface Vlan20
ip deal with 192.168.20.10 255.255.255.0
standby 1 ip 192.168.20.15
standby 1 preempt
!
interface Vlan30
ip deal with 192.168.30.10 255.255.255.0
standby 1 ip 192.168.30.15
standby 1 preempt
!
interface Vlan40
ip deal with 192.168.40.10 255.255.255.0
standby 1 ip 192.168.40.15
standby 1 preempt
!
interface Vlan99
ip deal with 192.168.99.99 255.255.255.0
!
ip default-gateway 10.0.0.254
ip classless
ip http server
ip http secure-server
!
!
!
control-plane
!
!
line con 0
line vty 0 4
password cisco
login
line vty 5 15
login
!
finish
TransitSw#