SSL VPN Configuration on an ASA Firewall

[Figure: lab topology]

Lab objective: PC2 can reach PC1 through the SSL VPN.

All SSL VPN server-side configuration is done on the ASA. The configuration steps follow.

Step 1: Generate an RSA key pair named sslvpnkeypair.

    crypto key generate rsa label sslvpnkeypair

Step 2: Create a self-signed CA trustpoint named localtrust and bind the RSA key pair to it.

    crypto ca trustpoint localtrust
     enrollment self
     fqdn sslvpn.luotao.com
     subject-name CN=sslvpn.luotao.com
     keypair sslvpnkeypair
     crypto ca enroll localtrust noconfirm
     exit

Step 3: Apply the CA trustpoint localtrust to the outside interface.

    ssl trust-point localtrust outside

Step 4: Upload the client package to the ASA, install it, and enable SVC on the outside interface.

    copy tftp disk0:
    webvpn
     svc image disk0:/sslclient.pkg 1
     enable outside
     svc enable
     exit

Step 5: Create the client pool used to assign IP addresses to clients.

    ip local pool sslclientpool 10.10.10.10-10.10.10.50 mask 255.255.255.0

Step 6: Create a group policy named sslclientpolicy and set its type. The policy attributes include the DNS server, the tunnel protocol (SVC), the default domain, and the client address pool.

    group-policy sslclientpolicy internal
    group-policy sslclientpolicy attributes
     dns-server value 202.96.134.133
     vpn-tunnel-protocol svc
     default-domain value luotao.com
     address-pools value sslclientpool
     exit

Step 7: Let VPN traffic bypass the access lists so that it is not restricted by the ACL on the outside interface.

    sysopt connection permit-vpn

Step 8: Create the tunnel group sslclientprofile. Its attributes include the group policy sslclientpolicy and the group name shown at login, sslvpnclient.

    tunnel-group sslclientprofile type remote-access
    tunnel-group sslclientprofile general-attributes
     default-group-policy sslclientpolicy
    tunnel-group sslclientprofile webvpn-attributes
     group-alias sslvpnclient enable
     exit

Step 9: Enable the tunnel-group list. When it is enabled, the SSL client displays the group name; otherwise it does not.

    webvpn
     tunnel-group-list enable
     exit

Step 10: Configure NAT exemption so that SSL VPN traffic is not translated.

    access-list nat0 extended permit ip 192.168.1.0 255.255.255.0 10.10.10.0 255.255.255.0
    nat (inside) 0 access-list nat0

Step 11: Create a local user for the SSL client to log in with.

    username cisco password cisco
    username cisco attributes
     service-type remote-access
     exit

Step 12: Configure split tunneling: match the traffic with an ACL and apply it to the group policy. This lets the client reach the Internet and other networks while it is connected to the SSL VPN.

    access-list splitssltunnel standard permit 192.168.1.0 255.255.255.0
    group-policy sslclientpolicy attributes
     split-tunnel-policy tunnelspecified
     split-tunnel-network-list value splitssltunnel
     exit

Step 13: Save the configuration.

    write memory

On PC2, browse to https://1.1.1.1 and follow the prompts to set up the client.

Client status

Split-tunnel test

ping 192.168.1.2: OK
Access FTP on PC1: OK

Finally, the full configuration:

    ciscoasa(config)# sh run
    : Saved
    :
    ASA Version 8.0(2)
    !
    hostname ciscoasa
    enable password 8Ry2YjIyt7RRXU24 encrypted
    names
    !
    interface Ethernet0/0
     nameif inside
     security-level 100
     ip address 192.168.1.1 255.255.255.0
    !
    interface Ethernet0/1
     nameif outside
     security-level 0
     ip address 1.1.1.1 255.255.255.0
    !
    interface Ethernet0/2
     shutdown
     no nameif
     no security-level
     no ip address
    !
    interface Ethernet0/3
     shutdown
     no nameif
     no security-level
     no ip address
    !
    interface Ethernet0/4
     shutdown
     no nameif
     no security-level
     no ip address
    !
    interface Ethernet0/5
     shutdown
     no nameif
     no security-level
     no ip address
    !
    passwd 2KFQnbNIdI.2KYOU encrypted
    ftp mode passive
    access-list nat0 extended permit ip 192.168.1.0 255.255.255.0 10.10.10.0 255.255.255.0
    access-list splitssltunnel standard permit 192.168.1.0 255.255.255.0
    pager lines 24
    mtu inside 1500
    mtu outside 1500
    ip local pool sslclientpool 10.10.10.10-10.10.10.50 mask 255.255.255.0
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    nat (inside) 0 access-list nat0
    route outside 0.0.0.0 0.0.0.0 1.1.1.2 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout uauth 0:05:00 absolute
    dynamic-access-policy-record DfltAccessPolicy
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ca trustpoint localtrust
     enrollment self
     fqdn sslvpn.luotao.com
     subject-name CN=sslvpn.luotao.com
     keypair sslvpnkeypair
     crl configure
    crypto ca certificate chain localtrust
     certificate 31
      quit
    no crypto isakmp nat-traversal
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    threat-detection basic-threat
    threat-detection statistics access-list
    !
    class-map inspection_default
     match default-inspection-traffic
    !
    !
    policy-map type inspect dns preset_dns_map
     parameters
      message-length maximum 512
    policy-map global_policy
     class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect netbios
      inspect rsh
      inspect rtsp
      inspect skinny
      inspect esmtp
      inspect sqlnet
      inspect sunrpc
      inspect tftp
      inspect sip
      inspect xdmcp
    !
    service-policy global_policy global
    ssl trust-point localtrust outside
    webvpn
     enable outside
     svc image disk0:/sslclient.pkg 1
     svc enable
     tunnel-group-list enable
    group-policy sslclientpolicy internal
    group-policy sslclientpolicy attributes
     dns-server value 202.96.134.133
     vpn-tunnel-protocol svc
     split-tunnel-policy tunnelspecified
     split-tunnel-network-list value splitssltunnel
     default-domain value luotao.com
     address-pools value sslclientpool
    username cisco password 3USUcOPFUiMCO4Jk encrypted
    username cisco attributes
     service-type remote-access
    tunnel-group sslclientprofile type remote-access
    tunnel-group sslclientprofile general-attributes
     default-group-policy sslclientpolicy
    tunnel-group sslclientprofile webvpn-attributes
     group-alias sslvpnclient enable
    prompt hostname context
    Cryptochecksum:3aee551f153ae30800bfb0ef4362cac8
    : end

Reposted from: https://blog.51cto.com/ljl2013/1346678
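
An added example, not part of the original post: a Python check that the client address pool (step 5), the NAT exemption ACL (step 10) and the split-tunnel ACL (step 12) agree with each other, since a mismatch between them is a common reason a tunnel connects but inside hosts stay unreachable. It assumes ACL entries in address/mask form as used on this page; the function and variable names are illustrative.

```python
import ipaddress
import re

# Constructed sample: pool, NAT exemption and split-tunnel lines as on this page.
SAMPLE_CONFIG = """\
ip local pool sslclientpool 10.10.10.10-10.10.10.50 mask 255.255.255.0
access-list nat0 extended permit ip 192.168.1.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list splitssltunnel standard permit 192.168.1.0 255.255.255.0
nat (inside) 0 access-list nat0
group-policy sslclientpolicy attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value splitssltunnel
 address-pools value sslclientpool
"""

def _net(addr, mask):
    return ipaddress.ip_network(f"{addr}/{mask}")

def audit(config):
    """Return a list of findings; an empty list means the three pieces agree."""
    findings = []
    pools = {m[1]: (ipaddress.ip_address(m[2]), ipaddress.ip_address(m[3]))
             for m in re.finditer(r"^ip local pool (\S+) (\S+)-(\S+)", config, re.M)}
    extended = {}  # ACL name -> [(source network, destination network)]
    for m in re.finditer(
            r"^access-list (\S+) extended permit ip (\S+) (\S+) (\S+) (\S+)", config, re.M):
        extended.setdefault(m[1], []).append((_net(m[2], m[3]), _net(m[4], m[5])))
    standard = {}  # ACL name -> [network]
    for m in re.finditer(r"^access-list (\S+) standard permit (\S+) (\S+)", config, re.M):
        standard.setdefault(m[1], []).append(_net(m[2], m[3]))

    nat0 = re.search(r"^nat \(inside\) 0 access-list (\S+)", config, re.M)
    exempt = extended.get(nat0[1], []) if nat0 else []
    if not exempt:
        findings.append("no NAT exemption ACL is bound with nat (inside) 0")
    # Every client address must be a destination in the NAT exemption.
    for name, (first, last) in pools.items():
        if not any(first in dst and last in dst for _, dst in exempt):
            findings.append(f"pool {name} is not covered by the NAT exemption")
    # Every network pushed to the client must be exempt from NAT on the way back.
    split = re.search(r"^\s*split-tunnel-network-list value (\S+)", config, re.M)
    for network in standard.get(split[1], []) if split else []:
        if not any(network.subnet_of(src) for src, _ in exempt):
            findings.append(f"split-tunnel network {network} has no NAT exemption")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG) or "pool, NAT exemption and split tunnel are consistent")
```

Run it against the relevant lines of `show running-config` after changing the pool or either ACL.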