Hi các bạn

Mình có hệ thống mạng như sau

internet - - asa - -lan 1 - - router wifi - - lan 2

asa outside : 10.0.0.2 , inside : 172.22.1.4

Cung cấp hdcp cho lan 1 :172.22.1.45 - 250

router wifi : ip wan 172.22.1.53, ip lan : 172.22.3.1

Cung cap dhcp cho lan 2 : 172.22.3.100 - 200

Mình vẫn chưa làm cho lan 1 và lan 2 thấy nhau

Xin chỉ mình chỗ nào còn thiếu trong cấu hình nhé

Dưới đâu là cấu hình asa 5510 của mình :


ciscoasa# sh run
: Saved
:
ASA Version 8.0(4)
!
hostname ciscoasa
enable password f57qtI8jSkkgaFlw encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Ethernet0/0
nameif Outside
security-level 0
ip address 10.0.0.2 255.255.0.0
!
interface Ethernet0/1
nameif Inside
security-level 100
ip address 172.22.1.4 255.255.255.0
!
interface Ethernet0/2
shutdown
nameif DMZ
security-level 50
no ip address
!
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
shutdown
no nameif
no security-level
no ip address
!
ftp mode passive
clock timezone ICT 7
access-list acout extended permit icmp any any
access-list acout extended permit icmp any any echo
access-list acout extended permit icmp any any echo-reply
access-list acout extended permit ip any any
access-list acin extended permit icmp any any
access-list acin extended permit icmp any any echo-reply
access-list acin extended permit ip any any
pager lines 24
mtu Outside 1500
mtu Inside 1500
mtu DMZ 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-645.bin
no asdm history enable
arp timeout 14400
nat-control
global (Outside) 1 interface
nat (Inside) 1 0.0.0.0 0.0.0.0
route Outside 0.0.0.0 0.0.0.0 10.0.0.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa authentication telnet console LOCAL
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
http server enable
http 172.22.1.0 255.255.255.0 Inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet 172.22.1.0 255.255.255.0 Inside
telnet timeout 5
ssh 172.22.1.0 255.255.255.0 Inside
ssh timeout 5
ssh version 2
console timeout 0
dhcpd dns 203.162.4.190 203.162.4.191
dhcpd lease 3000
dhcpd domain hgvietnam.com
!
dhcpd address 172.22.1.45-172.22.1.250 Inside
dhcpd enable Inside
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
username pvid password I3o1eQHx3WFhGldN encrypted
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
inspect http
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:4d6033524eef739d62642913ea4f013e
: end
ciscoasa#