1、ASA定义3A:
aaa-server 3A protocol tacacs+
aaa-server 3A (DMZ) host 192.168.1.241
key cisco123
2、Outbound virtual telnet:
virtual telnet 202.100.1.100
access-list vir-telnet extended permit ip 10.1.1.0 255.255.255.0 any
access-list vir-telnet extended permit tcp 10.1.1.0 255.255.255.0 host 202.100.1.100 eq telnet
aaa authentication match vir-telnet Inside 3A
3、Inbound virtual telnet:
virtual telnet 202.100.1.100
access-list out extended permit tcp any host 10.1.1.1 eq telnet
access-list out extended permit tcp any host 202.100.1.100 eq telnet
access-list vir-in-telnet extended permit tcp any host 10.1.1.1 eq 3023
access-list vir-in-telnet extended permit tcp any host 202.100.1.100 eq telnet
static (Inside,Outside) 202.100.1.100 202.100.1.100 netmask 255.255.255.255
aaa authentication match vir-in-telnet Outside 3A