问答文章1 问答文章501 问答文章1001 问答文章1501 问答文章2001 问答文章2501 问答文章3001 问答文章3501 问答文章4001 问答文章4501 问答文章5001 问答文章5501 问答文章6001 问答文章6501 问答文章7001 问答文章7501 问答文章8001 问答文章8501 问答文章9001 问答文章9501

CCNP、CCIP、CCSP和CCVP 是什么样的证书?代表什么

发布网友 发布时间:2022-04-12 19:47

我来回答

2个回答

懂视网 时间:2022-04-13 00:08

hostname shafw01 domain-name heraeus.com enable password names ! interface GigabitEthernet0/0 no nameif no security-level no ip address ! interface GigabitEthernet0/0.150 vlan 150 nameif inside_data security-level 50 ip address 172.26.24.6

hostname shafw01

domain-name heraeus.com

enable password

names

!

interface GigabitEthernet0/0

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/0.150

vlan 150

nameif inside_data

security-level 50

ip address 172.26.24.6 255.255.255.252

!

interface GigabitEthernet0/0.151

vlan 151

nameif inside_voice

security-level 50

ip address 10.48.8.1 255.255.255.0!

interface GigabitEthernet0/1

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/1.161

vlan 161

nameif web

security-level 50

ip address 172.26.30.1 255.255.255.0

!

interface GigabitEthernet0/1.163

vlan 163

nameif secure

security-level 50

ip address 172.26.31.1 255.255.255.0

!

interface GigabitEthernet0/2

description LAN/STATE Failover Interface for Future

!

interface GigabitEthernet0/3

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/3.154

vlan 154

nameif sprint

security-level 50

ip address 172.26.24.9 255.255.255.252

!

interface Management0/0

nameif outside

security-level 50

ip address 222.66.83.18 255.255.255.240

!

boot system disk0:/asa704-k8.bin

ftp mode passive

clock timezone cet 8

dns domain-lookup inside_data

dns name-server 172.26.16.17

same-security-traffic permit inter-interface

same-security-traffic permit intra-interface

object-group icmp-type icmp_echo_request

icmp-object echo

object-group icmp-type icmp_echo_reply

icmp-object echo-reply

object-group icmp-type ICMP_echo

group-object icmp_echo_request

group-object icmp_echo_reply

object-group service udp_tftp udp

port-object eq tftp

object-group service udp_citrix udp



port-object eq 1604

object-group service udp_radius udp

port-object eq 1812

object-group service udp_radius_acct udp

port-object eq 1813

object-group service udp_rsa_5500 udp

port-object eq 5500

object-group service tcp_http tcp

port-object eq www

object-group service tcp_http_8080 tcp

port-object eq 8080

object-group service tcp_https tcp

port-object eq https

object-group service tcp_ftp tcp

port-object eq ftp

object-group service tcp_ntp tcp

port-object eq 123

object-group service udp_ntp udp

port-object eq ntp

object-group service tcp_smtp tcp

port-object eq smtp

object-group service tcp_ssh tcp

port-object eq ssh

object-group service tcp_squid_3128 tcp

port-object eq 3128

object-group service tcp_squid_2370 tcp

port-object eq 2370

object-group service tcp_sapdps_47xx tcp

port-object range 4700 4799

object-group service tcp_sapgw_33xx tcp

port-object range 3300 3399

object-group service tcp_sapdp_32xx tcp

port-object range 3200 3299

object-group service tcp_sapgws_48xx tcp

port-object range 4800 4899

object-group service tcp_sapms_36xx tcp

port-object range 3600 3699

object-group service tcp_jetdirect_9100 tcp

port-object eq 9100

object-group service tcp_printer tcp

port-object eq lpd

object-group service tcp_tacacs_plus tcp

port-object eq tacacs

object-group service TCP_squid_web tcp

group-object tcp_http

group-object tcp_https

group-object tcp_http_8080

object-group service TCP_squid_ftp tcp

group-object tcp_ftp

object-group service TCP_squid_all tcp

group-object TCP_squid_web

group-object TCP_squid_ftp

object-group service TCP_squid_port tcp

group-object tcp_squid_3128

group-object tcp_squid_2370

object-group service TCP_sap tcp

group-object tcp_sapdps_47xx



group-object tcp_sapgw_33xx

group-object tcp_sapdp_32xx

group-object tcp_sapgws_48xx

group-object tcp_sapms_36xx

object-group service TCP_printing tcp

group-object tcp_jetdirect_9100

group-object tcp_printer

object-group network n_VLAN108_16

network-object 172.26.16.0 255.255.255.0

object-group network n_VLAN105_22

network-object 172.26.22.0 255.255.255.0

object-group network n_VLAN106_25

network-object 172.26.25.0 255.255.255.0

object-group network n_VLAN163_31

network-object 172.26.31.0 255.255.255.0

object-group service TCP_dameware tcp

group-object tcp_dameware_6129

group-object tcp_dameware_6130

object-group network N_RFC1918

network-object 10.0.0.0 255.0.0.0

network-object 172.16.0.0 255.240.0.0

network-object 192.168.0.0 255.255.0.0

object-group service TCP_client_auth tcp

group-object tcp_http

group-object tcp_https

group-object tcp_telnetobject-group network h_china_ntpserver

network-object host 202.108.158.139object-group network h_auth42

network-object host 172.26.31.42object-group network H_auth

group-object h_auth42object-group network H_ntp_servers

group-object h_china_ntpserveraccess-list TRIGGER extended permit tcp any object-group H_auth object-group TCP_client_auth access-list NONAT remark # this is a nat rule, only permit's are allowed

access-list NONAT remark # no nat inside our networks

access-list NONAT extended permit ip object-group N_RFC1918 object-group N_RFC1918 access-list POLICY remark # counterpart of trigger rule

access-list POLICY extended permit tcp any object-group H_auth object-group TCP_client_auth access-list POLICY remark # # ntp

access-list POLICY extended permit tcp any object-group H_ntp_servers object-group tcp_ntp

access-list POLICY extended permit udp any object-group H_ntp_servers object-group udp_ntpaccess-list HIDING remark # this is a nat rule, only permit's are allowed



access-list HIDING extended permit ip object-group N_RFC1918 anyaccess-list IPS extended permit ip any any tcp-map mss

exceed-mss allow

!pager lines 22

logging enable

logging console critical

logging monitor errors

logging buffered critical

logging trap errors

logging facility 16

logging host secure 172.26.31.142

logging permit-hostdown

mtu inside_data 1500

mtu web 1500

mtu secure 1500

mtu sprint 1500

mtu outside 1500

ip verify reverse-path interface inside_data

ip verify reverse-path interface web

ip verify reverse-path interface secure

ip verify reverse-path interface sprint

ip verify reverse-path interface outside

asdm image disk0:/asdm502.bin

no asdm history enable

arp outside {mac-outside interface} {hiding IP)

arp timeout 14400

global outside 1 {hiding ip} netmask 255.255.255.0

nat (inside_data) 0 access-list NONAT

nat (inside_voice) 0 access-list NONAT

nat (sprint) 0 access-list NONAT

nat (secure) 0 access-list NONAT

nat (inside_data) 1 access-list HIDING

route inside_data 172.26.25.0 255.255.255.0 172.26.24.5 1

route inside_data 172.26.22.0 255.255.255.0 172.26.24.5 1

route inside_data 172.26.16.0 255.255.255.0 172.26.24.5 1

route sprint 172.16.0.0 255.240.0.0 172.26.24.10 1

route sprint 10.0.0.0 255.0.0.0 172.26.24.10 1

route sprint 192.168.0.0 255.255.0.0 172.26.24.10 1access-group POLICY in interface inside_data per-user-override

access-group POLICY in interface inside_voice

access-group POLICY in interface web

access-group POLICY in interface secure per-user-override

access-group POLICY in interface sprint per-user-override

access-group POLICY in interface outsidetimeout xlate 3:00:00

timeout conn 2:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:10

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00



timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:00:00 absolute uauth 0:15:00 inactivityvirtual telnet 172.26.24.xxauth-prompt prompt Please enter your username and password

auth-prompt accept Authentication succeeded.

auth-prompt reject Authentication failed. Try again.

telnet timeout 5

ssh scopy enable

ssh 172.22.161.0 255.255.255.0 sprint

ssh 172.26.16.0 255.255.255.0 inside_data

ssh 172.26.31.0 255.255.255.0 secure

ssh timeout 60

ssh version 2

console timeout 0

management-access inside_data

mangement-acccess sprintclass-map my-ips-class

match access-list IPS

class-map VoIP

match dscp cs3

ef

class-map inspection_default

match default-inspection-traffic

class-map mss-map

match access-list MSS-exceptionspolicy-map global_policy

class inspection_default

inspect ftp

inspect h323 h225

inspect rtsp

inspect skinny

inspect tftp

inspect sip

inspect icmp

inspect ctiqbe

inspect dns

inspect http

class mss-map

set connection advanced-options mss

class my-ips-class

ips promiscuous fail-open

policy-map qos

class VoIP

priority

policy-map my-ips-policy

class my-ips-class

ips promiscuous fail-openservice-policy global_policy global

ntp server 202.108.158.139rdca4fwepshafw01(config)# sh run

: Saved

:

ASA Version 7.0(4)

!

hostname shafw01

domain-name heraeus.com

enable password .68HJO4Qmg83HE2S encrypted

names

!

interface GigabitEthernet0/0

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/0.150

vlan 150

nameif inside_data

security-level 50

ip address 172.26.24.18 255.255.255.240

!

interface GigabitEthernet0/0.151

vlan 151

nameif inside_voice

security-level 50



ip address 10.48.8.1 255.255.255.0

!

interface GigabitEthernet0/1

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/1.161

vlan 161

nameif web

security-level 50

ip address 172.26.30.1 255.255.255.0

!

interface GigabitEthernet0/1.163

vlan 163

nameif secure

security-level 50

ip address 172.26.31.1 255.255.255.0

!

interface GigabitEthernet0/2

description LAN/STATE Failover interface for futer!

shutdown

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/3

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/3.154

vlan 154

nameif sprint

security-level 50

ip address 172.26.24.9 255.255.255.0

!

interface Management0/0

nameif outside

security-level 50

ip address 222.66.83.18 255.255.255.240

!

passwd 2KFQnbNIdI.2KYOU encrypted

boot system disk0:/0

boot system disk0:/asa704-k8.bin

ftp mode passive

clock timezone cet 8

dns domain-lookup inside_data

dns name-server 172.26.16.17

same-security-traffic permit inter-interface

same-security-traffic permit intra-interface

object-group icmp-type icmp_echo_request

icmp-object echo

object-group icmp-type icmp_echo_reply

object-group network h_china_ntpserver

network-object host 202.108.158.139

object-group network h_auth42

network-object host 172.26.31.42

network-object host 172.26.24.19

object-group network N_RFC1918

network-object 10.0.0.0 255.0.0.0

network-object 172.16.0.0 255.240.0.0

network-object 192.168.0.0 255.255.0.0

object-group network n_VLAN108_16

network-object 172.26.16.0 255.255.255.0

object-group network n_VLAN105_22

network-object 172.26.22.0 255.255.255.0



object-group network n_VLAN106_25

network-object 172.26.25.0 255.255.255.0

object-group network n_VLAN163_31

network-object 172.26.31.0 255.255.255.0

object-group network n_VLAN108_18

network-object 172.26.18.0 255.255.255.0

object-group network N_RDCA_S_C

group-object n_VLAN108_18

group-object n_VLAN108_16

group-object n_VLAN105_22

object-group service tcp_http tcp

port-object eq www

object-group service tcp_https tcp

port-object eq https

object-group service tcp_telnet tcp

port-object eq telnet

object-group service TCP_client_auth tcp

group-object tcp_http

group-object tcp_https

group-object tcp_telnet

object-group service tcp_http_8080 tcp

port-object eq 8080

object-group service tcp_ftp tcp

port-object eq ftp

object-group service tcp_ntp tcp

port-object eq 123

object-group service udp_ntp udp

port-object eq ntp

object-group service tcp_smtp tcp

port-object eq smtp

object-group service tcp_ssh tcp

port-object eq ssh

object-group network H_auth

group-object h_auth42

object-group network H_ntp_servers

group-object h_china_ntpserver

object-group service TCP_webservice tcp

group-object tcp_http

group-object tcp_https

access-list HIDING extended permit ip object-group N_RFC1918 any

access-list HIDING remark # this is a nat rule, only permit's are allowed

access-list NONAT extended permit ip object-group N_RFC1918 object-group N_RFC1918

access-list POLICY remark # counterpart of trigger rule

access-list POLICY extended permit tcp any object-group H_auth object-group TCP_client_auth

access-list POLICY remark # # ntp

access-list POLICY extended permit tcp any object-group H_ntp_servers object-group tcp_ntp

access-list POLICY extended permit udp any object-group H_ntp_servers object-group udp_ntp



access-list POLICY remark # RDCA-webbrowsing rule

access-list POLICY extended permit tcp object-group N_RDCA_S_C any object-group TCP_webservice log

access-list POLICY remark # All Internal Network is allowed

access-list POLICY remark # All Internal Network Traffic is allowed

access-list POLICY extended permit ip object-group N_RFC1918 object-group N_RFC1918 log

access-list POLICY extended deny ip any any log

access-list IPS extended permit ip any any

pager lines 24

logging enable

logging buffer-size 10000

logging console critical

logging monitor errors

logging buffered errors

logging trap errors

logging facility 16

logging host secure 172.26.31.142

logging permit-hostdown

mtu inside_data 1500

mtu inside_voice 1500

mtu web 1500

mtu secure 1500

mtu sprint 1500

mtu outside 1500

ip verify reverse-path interface inside_data

ip verify reverse-path interface web

ip verify reverse-path interface secure

ip verify reverse-path interface sprint

ip verify reverse-path interface outside

no failover

asdm image disk0:/asdm504.bin

no asdm history enable

arp outside 222.66.83.19 0013.c482.3ffc

arp timeout 14400

global (outside) 1 222.66.83.19 netmask 255.255.255.255

nat (inside_data) 0 access-list NONAT

nat (inside_data) 1 access-list HIDING

nat (inside_voice) 0 access-list NONAT

nat (secure) 0 access-list NONAT

nat (sprint) 0 access-list NONAT

access-group POLICY in interface inside_data

access-group POLICY in interface web

access-group POLICY in interface sprint

access-group POLICY in interface outside

route inside_data 172.26.23.0 255.255.255.0 172.26.24.17 1

route inside_data 172.26.10.0 255.255.255.0 172.26.24.17 1

route inside_data 172.26.25.0 255.255.255.0 172.26.24.17 1

route inside_data 172.26.22.0 255.255.255.0 172.26.24.17 1



route inside_data 172.26.16.0 255.255.255.0 172.26.24.17 1

route inside_data 172.26.18.0 255.255.255.0 172.26.24.17 1

route sprint 172.16.0.0 255.240.0.0 172.26.24.10 1

route sprint 10.0.0.0 255.0.0.0 172.26.24.10 1

route sprint 192.168.0.0 255.255.0.0 172.26.24.10 1

route outside 0.0.0.0 0.0.0.0 222.66.83.17 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00

timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

username wafersys password N3432S3svONQ.rWm encrypted

username rdcafwadmin password iqtp6BSrFydQnyAe encrypted

aaa authentication ssh console LOCAL

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

virtual telnet 172.26.24.19

auth-prompt prompt Please enter your username and password

auth-prompt accept Authentication succeeded.

auth-prompt reject Authentication failed. Try again.

telnet timeout 5

ssh scopy enable

ssh 172.22.161.0 255.255.255.0 inside_data

ssh 172.22.163.0 255.255.255.0 inside_data

ssh 172.26.18.0 255.255.255.0 inside_data

ssh timeout 60

ssh version 2

console timeout 0

management-access inside_data

!

class-map my-ips-class

match access-list IPS

class-map Voip

match dscp cs3

ef

class-map inspection_default

match default-inspection-traffic

!

!

policy-map global_policy

class inspection_default

inspect dns maximum-length 512

inspect ftp

inspect h323 h225

inspect h323 ras

inspect netbios

inspect rsh

inspect rtsp

inspect skinny

inspect esmtp

inspect sqlnet

inspect sunrpc

inspect tftp

inspect sip

inspect xdmcp

class my-ips-class



ips promiscuous fail-open

policy-map qos

class Voip

priority

policy-map my-ips-policy

class my-ips-class

ips promiscuous fail-open

!

service-policy global_policy global

ntp server 202.108.158.139

Cryptochecksum:c46fbf0ead94c0a5c60d415f8b5ce82b

: end

shafw01(config)# sh verCisco Adaptive Security Appliance Software Version 7.0(4)

Device Manager Version 5.0(4)Compiled on Thu 13-Oct-05 21:43 by builders

System image file is "disk0:/asa704-k8.bin"

Config file at boot was "startup-config"shafw01 up 47 mins 3 secsHardware:

ASA5520, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz

Internal ATA Compact Flash, 64MB

BIOS Flash AT49LW080: @ 0xffe00000, 1024KBEncryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)

Boot microcode

: CNlite-MC-Boot-Cisco-1.2

SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03

IPSec microcode

: CNlite-MC-IPSECm-MAIN-2.04

0: Ext: GigabitEthernet0/0

: address is 0013.c482.3ff8, irq 9

1: Ext: GigabitEthernet0/1

: address is 0013.c482.3ff9, irq 9

2: Ext: GigabitEthernet0/2

: address is 0013.c482.3ffa, irq 9

3: Ext: GigabitEthernet0/3

: address is 0013.c482.3ffb, irq 9

4: Ext: Management0/0

: address is 0013.c482.3ffc, irq 11

5: Int: Internal-Data0/0

: address is 0000.0001.0002, irq 11

6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 5Licensed features for this platform:

Maximum Physical Interfaces : Unlimited

Maximum VLANs

: 25

Inside Hosts

: Unlimited

Failover

: Active/Active

VPN-DES

: Enabled

VPN-3DES-AES

: Enabled

Security Contexts

: 2

GTP/GPRS

: Disabled

VPN Peers

: 300This platform has a Base license.

Serial Number: JMX0949K06H

Running Activation Key: 0x7626e778 0xf831bcc6 0x445328fc 0x84003414 0x0e1bcb8a



Configuration register is 0x1

Configuration last modified by enable_15 at 16:29:59.641 cet Thu Feb 16 2006

shafw01(config)#

shafw01(config)#

shafw01(config)#

shafw01(config)#

shafw01(config)# sh int ip brief

shafw01(config)# sh int ip brief

Interface

IP-Address

OK? Method Status

Protocol

GigabitEthernet0/0

unassigned

YES unset

up

up

GigabitEthernet0/0.150

172.26.24.18

YES CONFIG up

up

GigabitEthernet0/0.151

10.48.8.1

YES CONFIG up

up

GigabitEthernet0/1

unassigned

YES unset

up

up

GigabitEthernet0/1.161

172.26.30.1

YES CONFIG up

up

GigabitEthernet0/1.163

172.26.31.1

YES CONFIG up

up

GigabitEthernet0/2

unassigned

YES unset

administratively down down

GigabitEthernet0/3

unassigned

YES unset

up

up

GigabitEthernet0/3.154

172.26.24.9

YES CONFIG up

up

Internal-Control0/0

127.0.1.1

YES unset

up

up

Internal-Data0/0

unassigned

YES unset

up

up

Management0/0

222.66.83.18

YES CONFIG up

up

热心网友 时间:2022-04-12 21:16

CCNP思科高级网络工程师 Cisco Certified Internetwork Professional思科认证资深互联网专家 运营商方向的 CCSP 思科资深安全工程师 CCVP语音工程师
都是一阶层的 方向不同
声明声明:本网页内容为用户发布,旨在传播知识,不代表本网认同其观点,若有侵权等问题请及时与本网联系,我们将在第一时间删除处理。E-MAIL:11247931@qq.com
鸿蒙NEXT EROFS 文件系统有何大优势_鸿蒙 NEXT 中的EROFS文件系统优势介... Huawei EROFS 初探 [科普] 华为P30系列手机黑科技EROFS解密 Linux磁盘剩余空间查看方法 招行信用卡分期利息多少钱招行信用卡分期利息 公司哪些事情千万不要告诉同事? 爱奇艺怎么用小米账号登录 抖音上的音乐怎么设置手机铃声 c1转c2需要什么条件考完科二 徐州c1转c2可以吗 中原银行打款为什么三天还不到账? 为什么中原银行不能提现钱 ViVO手机出现频繁自动关机现象,是怎么回事 请问学历证书编号忘了,怎么查询学历 我的教师资格证书的编号忘记了,该怎么去查询?? 为什么vivo手机会莫名其妙的关机? 双屏收款机为什么会自动关机 南瓜花的叶子是什么形状的 南瓜叶子莫名的焉了是咋回事? 苹果系统更新不了且显示无法连接到网络? 南瓜叶太大了,遮住了阳光,小南瓜颜色不好,上面的叶子可以摘下来吗 梦见已故母亲回来了,我问她你怎么现在才来,这个梦好不好?是什么意思啊? 黑枸杞,白菊花,干金桔泡开水,过夜后能吃吗? 梦见去世的母亲坐了三年牢回来了,跟我讲有三个女人天天打她? 黑枸杞泡水过夜还能喝吗 黑枸杞泡水什么时候喝最好 移动卡被注销了,打过去是空号,还可以被继续使用么? 鳄鱼的眼泪吗 梦见下大雨中出太阳 一片冰心在玉壶的冰心指的是什么 “洛阳亲友如相问,一片冰心在玉壶。”诗中“冰心”和“玉壶”各是什么意思?出自什么典故? iphone截屏保留小圆点 苹果截图那个黑色圆点在哪里? 苹果手机截图怎么会有圆点 苹果截图又出现白圆点 山药粉怎么用量?可以和麦片混着喝吗? 脾胃从小就不太好,买了山药粉,请问一般山药粉吃多久能看见点效果? 山药粉有用吗 2019春晚赵本山还上春晚吗 洪荒少年张瑾收了么 谁有洪荒少年烈艳录完本,发我一下,谢谢! 工行信用卡能否增加外币功能 工行可以设置信用卡结算货币种类吗 国内怎么取现工行信用卡美元帐户 卖家的服务说明里面明明标有赠运费险的,我下单之后为什么就没有运费险了呢?? 电脑D盘的文件打不开? 电脑d盘突然打不开了(双击,右键均不行) 打开属性上面写着文件系统RAW,而且都为0kb,进行d盘查错无效 思科CCNA,CCNP,CCSP,CCVP,CCIP及CCIE认证前景有谁知道请进来 生的莲子怎么吃啊? 生莲子怎么煮? 莲子怎么食用,可以生吃吗?