CCSP/CCVP --ASA 5520配置例子

　　nat (sprint) 0 access-list NONAT

　　nat (secure) 0 access-list NONAT

　　nat (inside_data) 1 access-list HIDING

　　route inside_data 172.26.25.0 255.255.255.0 172.26.24.5 1

　　route inside_data 172.26.22.0 255.255.255.0 172.26.24.5 1

　　route inside_data 172.26.16.0 255.255.255.0 172.26.24.5 1

　　route sprint 172.16.0.0 255.240.0.0 172.26.24.10 1

　　route sprint 10.0.0.0 255.0.0.0 172.26.24.10 1

　　route sprint 192.168.0.0 255.255.0.0 172.26.24.10 1access-group POLICY in interface inside_data per-user-override

　　access-group POLICY in interface inside_voice

　　access-group POLICY in interface web

　　access-group POLICY in interface secure per-user-override

　　access-group POLICY in interface sprint per-user-override

　　access-group POLICY in interface outsidetimeout xlate 3:00:00

　　timeout conn 2:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:10

　　timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00

　　timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00

　　timeout uauth 0:00:00 absolute uauth 0:15:00 inactivityvirtual telnet 172.26.24.xxauth-prompt prompt Please enter your username and password

　　auth-prompt accept Authentication succeeded.

　　auth-prompt reject Authentication failed. Try again.

　　telnet timeout 5

　　ssh scopy enable

　　ssh 172.22.161.0 255.255.255.0 sprint

　　ssh 172.26.16.0 255.255.255.0 inside_data