CiscoASA可達性靜態(tài)路由配置示例_第1頁
CiscoASA可達性靜態(tài)路由配置示例_第2頁
CiscoASA可達性靜態(tài)路由配置示例_第3頁
CiscoASA可達性靜態(tài)路由配置示例_第4頁
全文預覽已結(jié)束

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進行舉報或認領(lǐng)

文檔簡介

1、cisco asa可達性靜態(tài)路由配置示例如果網(wǎng)絡中具有兩個isp的出口連接,為了確保目標地址可達,可配置一個服務等級協(xié)議 (sla)監(jiān)視器進程來監(jiān)視任意目標地址,這個進程與靜態(tài)路由聯(lián)合,使該路由跟蹤可達的 冃標。簡易拓撲:sw4c1nio_gen_eth:devi c enpf_5b40a04a-434f-48f3-bdae-62a405b577ef)配置示例:ciscoasa(config)# interface ether net 0/1ciscoasa(config-if)# ip address 200.1.1.1 255.255.255.0ciscoasa(config-if)# n

2、ameif outsideciscoasa(config-if)# no shutdownciscoasa(c on fig)# in terface ether net 0/2ciscoasa(config-if)# ip address 201.1.1.1 255.255.255.0ciscoasa(config-if)# nameif outside_2ciscoasa(config-if)# no shutdownciscoasa(config)# sla monitor 1 定義 sla 監(jiān)視過程ciscoasa(configslamonitor)# type echo protoc

3、ol ipicmpecho 200.1.1.254 interface outsi de定義可達性測試ciscoasa(config-sla-monitor-echo)# frequency 30 測試頻率設置為 30 秒一次 ciscoasa(config-sla-monitor-echo)# threshold 2000 測試閥值間隔為 2 秒 ciscoasa(config-sla-monitor-echo)# timeout 5000 測試超時間隔為 5 秒 ciscoasa(configsla-monitor-echo)# exitciscoasa(config)# sla moni

4、tor schedule 1 life forever start-time now 立即開始 sla 監(jiān)控測 試ciscoasa(config)# track 1 rtr 1 reachability 啟用可達性跟蹤ciscoasa(config)# sla monitor 2ciscoasa(configsla-monitor)# type echo protocol ipicmpecho 201.1.1.254 interface outsi de_2ciscoasa(config-sla-monitor-echo)# frequency 30ciscoasa(config-sla-mo

5、nitor-echo)# threshold 2000ciscoasa(config-sla-monitor-echo)# timeout 5000ciscoasa(config-sla-monitor-echo)# exitciscoasa(c on fig)# sla mon itor schedule 2 life forever start-time nowciscoasa(config)# track 2 rtr 2 reachabilityciscoasa(config)# route outside 0.0.0.0 0.0.0.0 200.1.1.254 track 1 對默認路

6、 rh使丿ij跟蹤ciscoasa(config)# route outside 2 0.0.0.0 0.0.0.0 201.1.1.254 2 track 2檢測靜態(tài)路由可達性跟蹤過程:ciscoasa(config)# show tracktrack 1response time reporter 1 reachabilityreachability is down1 change, last change 00:04:10latest operation return code: timeouttracked by:static-ip-routing 0track 2response t

7、ime reporter 2 reachabilityreachability is down1 change, last change 00:01:34latest operation return code: timeouttracked by:static-ip-routing 0ciscoasa(config)# debug sla monitor traceip sla monitor trace debugging for all operations is onciscoasa(config)# ip sla monitor(1) echo operation: timeouti

8、p sla monitor(1) scheduler: updating resultip sla monitor(2) scheduler: starting an operationip sla monitor(2) echo operation: sending an echo operationip sla monitor(2) echo operation: timeoutip sla monitor(2) scheduler: updating result檢查sla配置: ciscoasa(c on fig)# show sla monitor con figurati onsa

9、 age nt, infrastructure engin e-llentry number: 1owner:tag:type of operation to perform: echotarget address: 200.1.1.254in terface: outsidenumber of packets: 1request size (arr data portion): 28operati on timeout (millisec on ds): 5000type of service parameters: 0x0verify data: nooperation frequency

10、 (seconds): 30next scheduled start time: start time already passedgroup scheduled : falselife (seconds): foreverentry ageout (sec on ds): neverrecurring (starting everyday): falsestatus of entry (snmp rowstatus): activeenhanced history:entry number: 2owner:tag:type of operation to perform: echotarge

11、t address: 201.1.1.254in terface: outside_2number of packets: 1request size (arr data portion): 28operation timeout (milliseconds): 5000type of service parameters: 0x0verify data: nooperation frequency (sec on ds): 30next scheduled start time: start time already passedgroup scheduled : falselife (se

12、conds): foreverentry ageout (seconds): neverrecurring (starting everyday): falsestatus of entry (snmp rowstatus): activeenhanced history:ciscoasa(config)#show sla monitor operationalstateentry number: 1modification time: 16:17:04.626 utc tue oct 30 2012number of octets used by this entry: 1480number

13、 of operations attempted: 18number of operations skipped: 0current seconds left in life: foreveroperational state of entry: activelast time this entry was reset: neverconn ection loss occurred: falsetimeout occurred: trueover thresholds occurred: falselatest rtt (milliseconds): nocormection/busy/tim

14、eoutlatest operation start time: 16:25:34.659 utc tue oct 30 2012latest operation return code: timeoutrtt values:rttavg: 0 rttmin: 0 rttmax: 0numofrtt: 0 rttsum: 0 rttsum2: 0entry number: 2modification time: 16:19:41.114 utc tue oct 30 2012number of octets used by this entry: 1480number of operation

15、s attempted: 13number of operations skipped: 0current seconds left in life: foreveroperational state of entry: activelast time this entry was reset: neverconn ection loss occurred: falsetimeout occurred: trueover thresholds occurred: falselatest rtt (milliseconds): noconnection/busy/timeoutlatest op

16、eration start time: 16:25:41.150 utc tue oct 30 2012latest operation return code: timeoutrtt values:rttavg: 0 rttmin: 0 rttmax: 0numofrtt: 0 rttsum: 0 rttsum2: 0檢查路由:ciscoasa(config)# show routecodes: c - connected, s static, i - igrp, r - rip, m mobile, b bgp d eigrp, ex eigrp external, o ospf, ia ospf inter area n1 - ospf nssa external type 1, n2 ospf nssa external type 2 e1 - ospf external type 1, e2 - ospf external type 2, e egp i - is-is, l1 is-is level-1, l2 - is-is level-2, ia is-is inter area * - candidate default, u per

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會有圖紙預覽,若沒有圖紙預覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負責。
  • 6. 下載文件中如有侵權(quán)或不適當內(nèi)容,請與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準確性、安全性和完整性, 同時也不承擔用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

評論

0/150

提交評論