{"id":1645,"date":"2025-11-26T02:21:54","date_gmt":"2025-11-25T17:21:54","guid":{"rendered":"https:\/\/mylifeisbeautiful555.net\/?page_id=1645"},"modified":"2025-11-29T03:34:19","modified_gmt":"2025-11-28T18:34:19","slug":"%e3%82%88%e3%81%8f%e3%81%82%e3%82%8b%e5%86%85%e9%83%a8%e3%82%a8%e3%83%a9%e3%83%bc%e3%81%ae%e5%8e%9f%e5%9b%a0%ef%bc%88firepower-vpn%ef%bc%89","status":"publish","type":"page","link":"https:\/\/mylifeisbeautiful555.net\/?page_id=1645","title":{"rendered":"\u3088\u304f\u3042\u308b\u5185\u90e8\u30a8\u30e9\u30fc\u306e\u539f\u56e0\uff08Firepower\uff09"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">\u2460 <strong>AnyConnect\uff08Cisco Secure Client\uff09\u30a4\u30e1\u30fc\u30b8\u304c\u672a\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9<\/strong><\/h2>\n\n\n\n<p>Firepower \u3067 RA-VPN \u3092\u52d5\u304b\u3059\u5834\u5408\u3001<br><strong>CSD \/ SBL \/ webvpn \u7528\u306e AnyConnect \u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u5fc5\u8981<\/strong> \u3067\u3059\u3002<\/p>\n\n\n\n<p>\u672a\u767b\u9332\u306e\u72b6\u614b\u3067\u63a5\u7d9a\u3059\u308b\u3068\u3001\u5185\u90e8\u30a8\u30e9\u30fc\u304c\u51fa\u307e\u3059\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">&#x1f527; \u78ba\u8a8d\u30b3\u30de\u30f3\u30c9\uff08ASA \u30e2\u30fc\u30c9\uff09<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>show webvpn anyconnect\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">&#x1f527; \u6b63\u3057\u3044\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u4f8b<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>webvpn\n  anyconnect image disk0:\/anyconnect-win-5.x.x-k9.pkg 1\n  anyconnect enable<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">\u2461 <strong>\u8a3c\u660e\u66f8\u306e\u5931\u6557\uff08\u81ea\u5df1\u7f72\u540d\u306e\u671f\u9650\u5207\u308c\u3001\u591a\u91cd CN\u3001\u4e0d\u6b63\u306a Key\uff09<\/strong><\/h2>\n\n\n\n<p>Firepower \u306f TLS \u30cf\u30f3\u30c9\u30b7\u30a7\u30a4\u30af\u90e8\u5206\u304c\u53b3\u3057\u304f\u3001\u4ee5\u4e0b\u3067\u5185\u90e8\u30a8\u30e9\u30fc\u304c\u8d77\u3053\u308a\u307e\u3059\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30eb\u30fc\u30c8\u8a3c\u660e\u66f8\u304c\u53e4\u3044\uff0f\u671f\u9650\u5207\u308c<\/li>\n\n\n\n<li>CN\uff08CommonName\uff09\u304c FQDN \u3068\u4e00\u81f4\u3057\u306a\u3044<\/li>\n\n\n\n<li>\u30ad\u30fc\u9577\u304c 2048 \u672a\u6e80<\/li>\n\n\n\n<li>\u7121\u52b9\u306a PEM\/PKCS12 \u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u305f<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">&#x1f527; \u78ba\u8a8d<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>show crypto ca certificates\nshow running-config crypto ca trustpoints<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">\u2462 <strong>DH \u30b0\u30eb\u30fc\u30d7\u30fb\u6697\u53f7\u30b9\u30a4\u30fc\u30c8\u4e0d\u4e00\u81f4\uff08TLS \u30a8\u30e9\u30fc\uff09<\/strong><\/h2>\n\n\n\n<p>Secure Client \u304c TLS1.2 \u4ee5\u4e0a\u3092\u4f7f\u304a\u3046\u3068\u3059\u308b\u304c\u3001<br><strong>Firepower \u5074\u306e SSL \u8a2d\u5b9a\u304c\u53e4\u3044<\/strong> \u3068\u5185\u90e8\u30a8\u30e9\u30fc\u306b\u306a\u308b\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">&#x1f527; \u78ba\u8a8d<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>show ssl settings\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">\u63a8\u5968\u8a2d\u5b9a<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>ssl server-version tlsv1.2\nssl client-version tlsv1.2\nssl cipher tlsv1.2 custom \"ECDHE-RSA-AES256-SHA384\"<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">\u2463 <strong>\u30b0\u30eb\u30fc\u30d7\u30dd\u30ea\u30b7\u30fc\u307e\u305f\u306f\u30c8\u30f3\u30cd\u30eb\u30b0\u30eb\u30fc\u30d7\u306e\u8a2d\u5b9a\u4e0d\u5099<\/strong><\/h2>\n\n\n\n<p>\u8a2d\u5b9a\u9014\u4e2d\u3067\u3088\u304f\u767a\u751f\u3059\u308b\u30d1\u30bf\u30fc\u30f3\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30a2\u30c9\u30ec\u30b9\u30d7\u30fc\u30eb\u672a\u8a2d\u5b9a<\/li>\n\n\n\n<li>\u8a8d\u8a3c\u30b5\u30fc\u30d0\uff08AAA\u30b5\u30fc\u30d0\uff09\u304c\u7121\u52b9<\/li>\n\n\n\n<li>\u30dd\u30ea\u30b7\u30fc\u4e2d\u306e \u201cdefault-domain\u201d \u304c\u4e0d\u6b63<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">&#x1f527; \u78ba\u8a8d<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>show running-config tunnel-group\nshow running-config group-policy<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">\u2464 <strong>NAT \u30a8\u30e9\u30fc\uff08VPN \u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u304c NATTED \u3055\u308c\u308b\uff09<\/strong><\/h2>\n\n\n\n<p>\u5185\u90e8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5b9b\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u304c\u8aa4\u3063\u3066 PAT \u3055\u308c\u3001\u30a8\u30e9\u30fc\u306e\u3082\u3068\u306b\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">&#x1f527; \u5fc5\u9808\u306e NAT exemption<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>nat (inside,outside) source static inside inside destination static VPN_POOL VPN_POOL no-proxy-arp\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">\u2465 <strong>FTD\u7ba1\u7406\u30e2\u30fc\u30c9\u306e\u4e0d\u6574\u5408\uff08FMC\/FDM\/ASA \u5207\u308a\u66ff\u3048\u6642\uff09<\/strong><\/h2>\n\n\n\n<p>Firepower 1010 \u3067\u3088\u304f\u8d77\u3053\u308b\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>ASA \u2192 FTD \u3078\u5207\u308a\u66ff\u3048\u5f8c\u306b\u6b8b\u9ab8\u30b3\u30f3\u30d5\u30a3\u30b0\u304c\u3042\u308b<\/li>\n\n\n\n<li>FDM \/ FMC \u304c\u4e2d\u9014\u534a\u7aef\u306b\u6b8b\u3063\u3066\u3044\u308b<\/li>\n\n\n\n<li>\u30e9\u30a4\u30bb\u30f3\u30b9\u304c RA-VPN \u3092\u8a31\u53ef\u3057\u3066\u3044\u306a\u3044<\/li>\n<\/ul>\n\n\n\n<h1 class=\"wp-block-heading\">\u307e\u305a\u78ba\u8a8d\u3059\u3079\u304d3\u3064\u306e\u30b3\u30de\u30f3\u30c9<\/h1>\n\n\n\n<pre class=\"wp-block-code\"><code>show vpn-sessiondb anyconnect\nshow webvpn anyconnect\nshow logging<\/code><\/pre>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u2460 AnyConnect\uff08Cisco Secure Client\uff09\u30a4\u30e1\u30fc\u30b8\u304c\u672a\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9 Firepower \u3067 RA-VPN \u3092\u52d5\u304b\u3059\u5834\u5408\u3001CSD \/ SBL \/ webvpn \u7528\u306e AnyConnect \u30d1\u30c3\u30b1\u30fc\u30b8 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-1645","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/pages\/1645","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1645"}],"version-history":[{"count":6,"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/pages\/1645\/revisions"}],"predecessor-version":[{"id":1657,"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=\/wp\/v2\/pages\/1645\/revisions\/1657"}],"wp:attachment":[{"href":"https:\/\/mylifeisbeautiful555.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1645"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}