1、ASA定义3A:

aaa-server 3A protocol tacacs+

aaa-server 3A (DMZ) host 192.168.1.241

key cisco123

2、Outbound virtual telnet:

virtual telnet 202.100.1.100

access-list vir-telnet extended permit ip 10.1.1.0 255.255.255.0 any

access-list vir-telnet extended permit tcp 10.1.1.0 255.255.255.0 host 202.100.1.100 eq telnet

aaa authentication match vir-telnet Inside 3A

3、Inbound virtual telnet:

virtual telnet 202.100.1.100

access-list out extended permit tcp any host 10.1.1.1 eq telnet

access-list out extended permit tcp any host 202.100.1.100 eq telnet

access-list vir-in-telnet extended permit tcp any host 10.1.1.1 eq 3023
 

access-list vir-in-telnet extended permit tcp any host 202.100.1.100 eq telnet

static (Inside,Outside) 202.100.1.100 202.100.1.100 netmask 255.255.255.255

aaa authentication match vir-in-telnet Outside 3A