1、WebVPN服务基本配置。 ----------------------------------------- ciscoasa(config)# int e0/0 ciscoasa(config-if)# ip address 198.1.1.1 255.255.255.0 ciscoasa(config-if)# nameif outside INFO: Security level for "outside" set to 0 by default. ciscoasa(config-if)# no shut ciscoasa(config-if)# exit ! ciscoasa(config)# int e0/1 ciscoasa(config-if)# ip add 10.10.1.1 255.255.255.0 ciscoasa(config-if)# nameif inside INFO: Security level for "inside" set to 100 by default. ciscoasa(config-if)# no sh ciscoasa(config-if)# exit ! ciscoasa(config)# webvpn ciscoasa(config-webvpn)# enable outside !在外网接口上启动WebVPN ! ----------------------------------------- ciscoasa(config)# group-policy mywebvpn-group-policy ?
configure mode commands/options: external Enter this keyword to specify an external group policy internal Enter this keyword to specify an internal group policy !此处需要选择组策略的类型,因为我们是将策略配置在ASA本地的,所以选择Internal。 ! ciscoasa(config)# group-policy mywebvpn-group-policy internal !创建了一个名为mywebvpn-group-policy的Internal类型Policy。 ----------------------------------------- ! ciscoasa(config)# group-policy mywebvpn-group-policy ?
configure mode commands/options: attributes Enter the attributes sub-command mode external Enter this keyword to specify an external group policy internal Enter this keyword to specify an internal group policy !组策略一旦创建,命令行参数中就会多出attributes选项,这是用于后面定义具体的组策略用的,目前可以保留为空。 ----------------------------------------- ! ciscoasa(config)# username steve6307 password cisco !创建一个本地用户 ciscoasa(config)# username steve6307 attributes ciscoasa(config-username)# vpn-group-policy mywebvpn-group-policy !将用户加入刚才创建的VPN策略组中
社区:
(ASA) Cisco Web VPN 配置详解 [三部曲之一]
