Main > WorkPad > WorkPadTestASAGeolocation

TestSetup

1 & 2

no dhcpd address 192.168.1.2-192.168.1.254 management
no dhcpd enable management

2

interface Management0/0
 ip address 192.168.1.2 255.255.255.0

1 & 2

mode multiple

1

hostname asa135
mac-address auto prefix 1234
interface GigabitEthernet0/0
 description -- Trunk
 no shutdown
interface GigabitEthernet0/0.150
 description -- 135A
 vlan 150
 no shutdown
interface GigabitEthernet0/0.151
 description -- 135B
 vlan 151
 no shutdown
interface GigabitEthernet0/0.152
 description -- 135C
 vlan 152
 no shutdown
interface GigabitEthernet0/0.200
 description -- TransferA
 vlan 200
 no shutdown
interface GigabitEthernet0/0.201
 description -- TransferB
 vlan 201
 no shutdown
interface GigabitEthernet0/0.202
 description -- TransferC
 vlan 202
 no shutdown

2

hostname asa131
mac-address auto prefix 1235
interface GigabitEthernet0/0
 description -- Trunk
 no shutdown
interface GigabitEthernet0/0.150
 description -- 131A
 vlan 150
 no shutdown
interface GigabitEthernet0/0.151
 description -- 131B
 vlan 151
 no shutdown
interface GigabitEthernet0/0.152
 description -- 131C
 vlan 152
 no shutdown
interface GigabitEthernet0/0.200
 description -- TransferA
 vlan 200
 no shutdown
interface GigabitEthernet0/0.201
 description -- TransferB
 vlan 201
 no shutdown
interface GigabitEthernet0/0.202
 description -- TransferC
 vlan 202
 no shutdown

1 & 2

context KundeA
  description -- Virtuelle Firewall KundeA
  allocate-interface GigabitEthernet0/0.150
  allocate-interface GigabitEthernet0/0.200
  config-url disk0:/kundea.cfg
context KundeB
  description -- Virtuelle Firewall KundeB
  allocate-interface GigabitEthernet0/0.151
  allocate-interface GigabitEthernet0/0.201
  config-url disk0:/kundeb.cfg
context KundeC
  description -- Virtuelle Firewall KundeC
  allocate-interface GigabitEthernet0/0.152
  allocate-interface GigabitEthernet0/0.202
  config-url disk0:/kundec.cfg

1 contextA

interface GigabitEthernet0/0.150
 nameif inside
 security-level 100
 ip address 10.135.150.4 255.255.255.248
!
interface GigabitEthernet0/0.200
 nameif outside
 security-level 0
 ip address 10.135.200.4 255.255.255.248
access-list outside_acl extended permit ip any any
access-list inside_acl extended permit ip any any
access-group inside_acl in interface inside
access-group outside_acl in interface outside
route outside 0.0.0.0 0.0.0.0 10.135.200.3
route inside 10.135.100.0 255.255.255.0 10.135.150.3

1 contextB

interface GigabitEthernet0/0.151
 nameif inside
 security-level 100
 ip address 10.135.151.4 255.255.255.248
!
interface GigabitEthernet0/0.201
 nameif outside
 security-level 0
 ip address 10.135.201.4 255.255.255.248
access-list outside_acl extended permit ip any any
access-list inside_acl extended permit ip any any
access-group inside_acl in interface inside
access-group outside_acl in interface outside
route outside 0.0.0.0 0.0.0.0 10.135.201.3
route inside 10.135.101.0 255.255.255.0 10.135.151.3

1 contextC

interface GigabitEthernet0/0.152
 nameif inside
 security-level 100
 ip address 10.135.152.4 255.255.255.248
!
interface GigabitEthernet0/0.202
 nameif outside
 security-level 0
 ip address 10.135.202.4 255.255.255.248
access-list outside_acl extended permit ip any any
access-list inside_acl extended permit ip any any
access-group inside_acl in interface inside
access-group outside_acl in interface outside
route outside 0.0.0.0 0.0.0.0 10.135.202.3
route inside 10.135.102.0 255.255.255.0 10.135.152.3

2 contextA

interface GigabitEthernet0/0.150
 nameif inside
 security-level 100
 ip address 10.131.150.4 255.255.255.248
!
interface GigabitEthernet0/0.200
 nameif outside
 security-level 0
 ip address 10.131.200.4 255.255.255.248
access-list outside_acl extended permit ip any any
access-list inside_acl extended permit ip any any
access-group inside_acl in interface inside
access-group outside_acl in interface outside
route outside 0.0.0.0 0.0.0.0 10.131.200.3
route inside 10.131.100.0 255.255.255.0 10.131.150.3

2 contextB

interface GigabitEthernet0/0.151
 nameif inside
 security-level 100
 ip address 10.131.151.4 255.255.255.248
!
interface GigabitEthernet0/0.201
 nameif outside
 security-level 0
 ip address 10.131.201.4 255.255.255.248
access-list outside_acl extended permit ip any any
access-list inside_acl extended permit ip any any
access-group inside_acl in interface inside
access-group outside_acl in interface outside
route outside 0.0.0.0 0.0.0.0 10.131.201.3
route inside 10.131.101.0 255.255.255.0 10.131.151.3

2 contextC

interface GigabitEthernet0/0.152
 nameif inside
 security-level 100
 ip address 10.131.152.4 255.255.255.248
!
interface GigabitEthernet0/0.202
 nameif outside
 security-level 0
 ip address 10.131.202.4 255.255.255.248
access-list outside_acl extended permit ip any any
access-list inside_acl extended permit ip any any
access-group inside_acl in interface inside
access-group outside_acl in interface outside
route outside 0.0.0.0 0.0.0.0 10.131.202.3
route inside 10.131.102.0 255.255.255.0 10.131.152.3