各位专家,
我正在 Cisco ASA5510 上设置从外部到内部的静态 NAT,如下所示:
# static (inside,outside) 123.45.67.89 192.168.1.254 255.255.255.255
static (inside,outside) 123.45.67.89 192.168.1.254 255.255.255.255
^
ERROR: % Invalid input detected at '^' marker.
因此我尝试这样做来获得一些帮助:
# static ?
ERROR: % Unrecognized command
“静态”怎么会是无法识别的命令呢?
我参考了这个文档:
http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/cfgnat.html
更多信息:
# show version
Cisco Adaptive Security Appliance Software Version 7.2(2)
Device Manager Version 5.2(2)
Compiled on Wed 22-Nov-06 14:16 by builders
System image file is "disk0:/asa722-k8.bin"
Config file at boot was "startup-config"
xxxxxxxxx-fw up 14 days 17 hours
Hardware: ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CNlite-MC-Boot-Cisco-1.2
SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04
0: Ext: Ethernet0/0 : address is xxxx.xxxx.xxxx, irq xx
1: Ext: Ethernet0/1 : address is xxxx.xxxx.xxxx, irq xx
2: Ext: Ethernet0/2 : address is xxxx.xxxx.xxxx, irq xx
3: Ext: Ethernet0/3 : address is xxxx.xxxx.xxxx, irq xx
4: Ext: Management0/0 : address is xxxx.xxxx.xxxx, irq xx
5: Int: Not used : irq xx
6: Int: Not used : irq xx
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 50
Inside Hosts : Unlimited
Failover : Disabled
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 0
GTP/GPRS : Disabled
VPN Peers : 250
WebVPN Peers : 2
This platform has a Base license.
Serial Number: xxxxxxxxxxx
Running Activation Key: xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx
Configuration register is 0x1
Configuration has not been modified since last system restart.
答案1
看起来您直接在“启用”模式下输入了这些命令。您可能只需要进入配置模式。
ASA5510-01# configure terminal
或者作为快捷方式
ASA5510-01# conf t
一旦进入配置模式,提示和静态命令将如下所示:
ASA5510-01(config)# static ?
configure mode commands/options:
( Open parenthesis for (<internal_if_name>,<external_if_name>) pair where
<internal_if_name> is the Internal or prenat interface and
<external_if_name> is the External or postnat interface
从那里开始,任何配置命令都应该可以工作。