January 15, 2014
Define a network object of type host
object network 192.168.15.10
 host 192.168.15.10
Define a service object group and add a service entry that opens port 3389
object-group service 192.168.3.101
 service-object tcp-udp destination eq 3389
Add the static NAT mapping
object network 192.168.15.10
 nat (inside,outside) static 192.168.3.101 dns
Add the access control lists
access-list outside_access extended permit object-group 192.168.3.101 any object 192.168.15.10
access-list outside_access_in extended permit ip any any
Apply the access control lists
access-group outside_access_in in interface outside control-plane
access-group outside_access in interface outside
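Try connecting to the service port opened on the firewall (Remote Desktop, 3389)
After clicking Connect, you are prompted for a username and password, which confirms that a session to the opened port has started.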
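Both access lists above permit traffic from any source. The following check is an added example, not part of the original post: it reads an ASA configuration and reports each permit entry that admits any source to port 3389 or to all IP, along with where the list is applied. The function name `audit` is hypothetical, and the sample text is this page's configuration reconstructed one command per line.

```python
# Constructed sample: the configuration from this page, one command per line.
SAMPLE_CONFIG = """\
object network 192.168.15.10
 host 192.168.15.10
 nat (inside,outside) static 192.168.3.101 dns
object-group service 192.168.3.101
 service-object tcp-udp destination eq 3389
access-list outside_access extended permit object-group 192.168.3.101 any object 192.168.15.10
access-list outside_access_in extended permit ip any any
access-group outside_access_in in interface outside control-plane
access-group outside_access in interface outside
"""

ANY_SOURCE = {"any", "any4", "any6"}


def audit(config, port="3389"):
    """Return (acl, binding, reason) for each permit ACE open to any source."""
    groups, bindings, aces, current = {}, {}, [], None
    for line in config.splitlines():
        tok = line.split()
        if not tok:
            continue
        if tok[:2] == ["object-group", "service"]:
            current = tok[2]              # start collecting this group's ports
            groups[current] = set()
        elif current and line[0] == " " and tok[0] == "service-object":
            if "eq" in tok[:-1]:
                groups[current].add(tok[tok.index("eq") + 1])
        else:
            current = None                # left the object-group sub-mode
            if tok[0] == "access-group":
                bindings[tok[1]] = " ".join(tok[2:])
            elif tok[0] == "access-list" and tok[2:4] == ["extended", "permit"]:
                aces.append((tok[1], tok[4:]))
    findings = []
    for name, rest in aces:
        # Protocol field is one token, or two when it names an object/object-group.
        n = 2 if rest[0] in ("object", "object-group") else 1
        proto, rest = rest[n - 1], rest[n:]
        if rest[0] not in ANY_SOURCE:     # source is restricted: not reported
            continue
        inline = any(a == "eq" and b == port for a, b in zip(rest, rest[1:]))
        wide = proto == "ip"
        if not wide and port not in groups.get(proto, ()) and not inline:
            continue
        reason = "all IP from any source" if wide else f"port {port} from any source"
        findings.append((name, bindings.get(name, "not applied"), reason))
    return findings
```

Calling `audit(SAMPLE_CONFIG)` reports both access lists; replacing `any` in the first entry with a network object for the expected client range clears that finding.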