取消
显示结果 
搜索替代 
您的意思是: 
cancel
690
查看次数
0
有帮助
9
回复

ASA在Packet Tracer中是否受限?

Translator
Community Manager
Community Manager

您好,我是刚开始学习ASA(5506-X)的学习者,Packet Tracer 8.0.1。

 

我在书中尝试了一些命令,但我遇到了麻烦,因为有些命令不受支持,如“show conn”和“logging enable”。 因此,我找到了所有可用的命令,但我找不到这些命令,尽管我的书显示了,而且思科文档显示它也可用。

FW1(config)#?
  aaa             Enable, disable, or view user authentication, authorization
                  and accounting
  access-group    Bind an access-list to an interface to filter traffic
  access-list     Configure an access control element
  boot            Set system boot parameters
  class-map       Configure MPF Class Map
  clock           Configure time-of-day clock
  configure       Configure using various methods
  crypto          Configure IPSec, ISAKMP, Certification, authority, key
  dhcpd           Configure DHCP Server
  domain-name     Change domain name
  enable          Configure password for the enable command
  end             Exit from configure mode
  exit            Exit from configure mode
  group-policy    Configure or remove a group policy
  hostname        Change host name of the system
  http            Configure http server and https related commands
  interface       Select an interface to configure
  ipv6            Global IPv6 configuration commands
  name            Associate a name with an IP address
  names           Enable/Disable IP address to name mapping
  no              Negate a command or set its defaults
  ntp             Configure NTP
  object          Configure an object
  object-group    Create an object group for use in 'access-list', etc
  passwd          Change Telnet console access password
  policy-map      Configure MPF Parameter Map
  route           Configure a static route for an interface
  router          Enable a routing process
  service-policy  Configure MPF service policy
  setup           Pre-configure the system
  ssh             Configure SSH options
  telnet          Add telnet access to system console or set idle timeout
  tunnel-group    Create and manage the database of connection specific records
                  for IPSec connections
  username        Configure user authentication local database
  webvpn          Configure the WebVPN service

 

那么,Packet Tracer中的ASA是否与实际的ASA有很大不同?或...如何学习带Packet Tracer的ASA?我可能完全错了,所以如果你知道,请分享你的知识。 

(说实话,我不确定我如何明确地提出一个问题。)

 

谢谢!

 

*这是我首次在思科社区上提问。如果有不成熟的地方,还请谅解。

3 个已接受解答

已接受的解答

Translator
Community Manager
Community Manager

Hello,

 

与“真实”ASA相比,Packet Tracer中的ASA在命令方面非常有限。它只包含一小部分通常可用的命令。 

在原帖中查看解决方案

Translator
Community Manager
Community Manager

很不幸,我不是PT用户,但我可以在CML和其他仿真器/模拟器全部功能中使用。

 

如果您希望了解GNS3/PNET/EVE或支付CML 200美元版本

在原帖中查看解决方案

Translator
Community Manager
Community Manager

嗨,

旧的第一代ASA防火墙在ebay或在线市场上应该便宜。

买5505或5510。如果卖家的技术足够强,也许你可以要求他加载最新的操作系统。

以上ASA版本9.1对您的学习应有帮助。

在原帖中查看解决方案

9 条回复9

Translator
Community Manager
Community Manager

您能否从#

 

除了硬件与虚拟的某些限制外,大多数硬件应按预期工作

在我的实验(非PT)上,但不同的仿真器:

 

ciscoasa# show conn 
0 in use, 8 most used




ciscoasa(config)# logging enable
ciscoasa(config)# end




ciscoasa# show version

Cisco Adaptive Security Appliance Software Version 9.1(5)16
Device Manager Version 7.3(3)




ciscoasa# show firewall
Firewall mode: Router


Translator
Community Manager
Community Manager

以下是ASA(Packet Tracer)中命令“show version”的结果。

 

ciscoasa#show version

Cisco Adaptive Security Appliance Software Version 9.6(1)
Device Manager Version 7.6(1)

Compiled on Fri 18-Mar-16 14:04 PDT by builders
System image file is "disk0:/asa961-lfbff-k8.SPA"
Config file at boot was "startup-config"

ciscoasa up 25 minutes 34 seconds

Hardware:   ASA5506, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores)
Internal ATA Compact Flash, 7168MB
BIOS Flash M25P64 @ 0xfed01000, 16384KB

Encryption hardware device : Cisco ASA Crypto on-board accelerator (revision 0x1)
                             Number of accelerators: 1

 1: Ext: GigabitEthernet1/1  : address is 0090.2B54.ED01, irq 255
 2: Ext: GigabitEthernet1/2  : address is 0090.2B54.ED02, irq 255
 3: Ext: GigabitEthernet1/3  : address is 0090.2B54.ED03, irq 255
 4: Ext: GigabitEthernet1/4  : address is 0090.2B54.ED04, irq 255
 5: Ext: GigabitEthernet1/5  : address is 0090.2B54.ED05, irq 255
 6: Ext: GigabitEthernet1/6  : address is 0090.2B54.ED06, irq 255
 7: Ext: GigabitEthernet1/7  : address is 0090.2B54.ED07, irq 255
 8: Ext: GigabitEthernet1/8  : address is 0090.2B54.ED08, irq 255
 9: Int: Internal-Data1/1    : address is 0090.2B54.ED09, irq 0
10: Int: Internal-Data1/2    : address is 0000.0001.0002, irq 0
11: Int: Internal-Control1/1 : address is 0000.0001.0001, irq 0
12: Int: Internal-Data1/3    : address is 0000.0001.0003, irq 0
13: Int: Management1/1       : address is 0090.2B54.ED09, irq 0

Licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      perpetual
Maximum VLANs                     : 30             perpetual
Inside Hosts                      : Unlimited      perpetual
Failover                          : Active/Standby perpetual
Encryption-DES                    : Enabled        perpetual
Encryption-3DES-AES               : Enabled        perpetual
Carrier                           : Disabled       perpetual
AnyConnect Premium Peers          : 4              perpetual
AnyConnect Essentials             : Disabled       perpetual
Other VPN Peers                   : 50             perpetual
Total VPN Peers                   : 50             perpetual
AnyConnect for Mobile             : Disabled       perpetual
AnyConnect for Cisco VPN Phone    : Disabled       perpetual
Advanced Endpoint Assessment      : Disabled       perpetual
Shared License                    : Disabled       perpetual
Total UC Proxy Sessions           : 160            perpetual
Botnet Traffic Filter             : Disabled       perpetual
Cluster                           : Disabled       perpetual

This platform has an ASA 5506 Security Plus license.

Serial Number: JMX1536DL8X-
Running Permanent Activation Key: 0x667D913D 0x55068191 0x085889BB 0x9946108D 0x2851A88D
Configuration register is 0x1
Image type                : Release
Key Version               : A
Configuration has not been modified since last system restart.

 感谢您的回应! 

Translator
Community Manager
Community Manager

哪条命令不起作用,这应该与输出一样好。

 

Translator
Community Manager
Community Manager

这是不起作用的命令(实际上,我写了一些我无法用在问题上的命令),

Packet Tracer中的ASA将我的命令视为无效输入。

ciscoasa(config)#show conn
                  ^
% Invalid input detected at '^' marker.
ciscoasa(config)#logging enable
                 ^
% Invalid input detected at '^' marker.

 

Translator
Community Manager
Community Manager

Hello,

 

与“真实”ASA相比,Packet Tracer中的ASA在命令方面非常有限。它只包含一小部分通常可用的命令。 

Translator
Community Manager
Community Manager

感谢您简单直观的回答!

 

如果是,我应该学习什么ASA而不购买真正的ASA设备?我只学过使用Cisco Packet Tracer的网络,因此我认为是时候使用其他软件(平台)继续学习了。

 

你能给我点建议吗?这对我很有帮助。

 

谢谢!

Translator
Community Manager
Community Manager

嗨,

旧的第一代ASA防火墙在ebay或在线市场上应该便宜。

买5505或5510。如果卖家的技术足够强,也许你可以要求他加载最新的操作系统。

以上ASA版本9.1对您的学习应有帮助。

Translator
Community Manager
Community Manager

很不幸,我不是PT用户,但我可以在CML和其他仿真器/模拟器全部功能中使用。

 

如果您希望了解GNS3/PNET/EVE或支付CML 200美元版本

Translator
Community Manager
Community Manager

现在,我正在学习带GNS3的ASA。 

谢谢! 

入门指南

使用上面的搜索栏输入关键字、短语或问题,搜索问题的答案。

我们希望您在这里的旅程尽可能顺利,因此这里有一些链接可以帮助您快速熟悉思科社区:







快捷链接