Cisco Secure Firewall 3120 Pierwsze kroki - Strona 31

Przeglądaj online lub pobierz pdf Pierwsze kroki dla Sprzęt sieciowy Cisco Secure Firewall 3120. Cisco Secure Firewall 3120 42 stron.

Getting Started
Setting
Data interface configuration.
Outside physical interface and
IP address.
Static routes.
Security zones.
Configuration
• Firepower 1010—The outside interface, Ethernet1/1, is a
physical firewall interface. All other interfaces are switch
ports that are enabled and part of VLAN1, the inside
interface. You can plug end points or switches into these
ports and obtain addresses from the DHCP server for the
inside interface.
• Firepower 4100/9300—All data inetrfaces are disabled.
• ISA 3000—All data interfaces are enabled and part of the
same bridge group, BVI1. GigabitEthernet1/1 and 1/3 are
outside interfaces, and GigabitEthernet1/2 and 1/4 are inside
interfaces. GigabitEthernet1/1 (outside1) and 1/2 (inside1),
and GigabitEthernet1/3 (outside2) and 1/4 (inside2)
(non-fiber models only) are configured as Hardware Bypass
pairs.
• All other models—The outside and inside interfaces are the
only ones configured and enabled. All other data interfaces
are disabled.
The default outside port based on the device model. See
Configuration Prior to Initial Setup, on page
The IP address is obtained by DHCP and IPv6 autoconfiguration,
or it is a static address as entered (IPv4, IPv6, or both).
Firepower 4100/9300: Data interfaces are not pre-configured.
ISA 3000: None. You must set the BVI1 IP address manually.
If you configure a static IPv4 or IPv6 address for the outside
interface, a static default route is configured for IPv4/IPv6 as
appropriate, pointing to the gateway you defined for that address
type. If you select DHCP, the default route is obtained from the
DHCP server.
Network objects are also created for the gateway and the "any"
address, that is, 0.0.0.0/0 for IPv4, ::/0 for IPv6.
inside_zone, containing the inside interfaces. For the Firepower
4100/9300, you need to add interfaces manually to this security
zone.
outside_zone, containing the outside interfaces. For the Firepower
4100/9300, you need to add interfaces manually to this zone.
(You can edit these zones to add other interfaces, or create your
own zones.)
Configuration After Initial Setup
Explicit, implied, or default
configuration
Default.
Default
Interface is Default.
26.
Addressing is Explicit.
Implied.
Implied.
Getting Started
31