Здравствуйте.
Получил файрвол ASA 5505, ковыряю пока на столе. И сразу возникает куча вопрсов. Для начала пытаюсь прописать правило global для outside, но циска не знает слова global т.е. после него ввожу поросик, а в ответ: ERROR: % Unrecognized command.
Собственно от чего может быть? Железка новая, настраиваю впервые, может какието начальные настройки не сделал..

Привожу конфиг:

f1# sh run
: Saved
:
ASA Version 8.3(1)
!
hostname f1
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Vlan1
nameif INSIDE
security-level 100
ip address 10.0.8.11 255.0.0.0
!
interface Vlan2
nameif OUTSIDE
security-level 0
ip address dhcp setroute
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
shutdown
!
interface Ethernet0/3
shutdown
!
interface Ethernet0/4
shutdown
!
interface Ethernet0/5
shutdown
!
interface Ethernet0/6
shutdown
!
interface Ethernet0/7
shutdown
!
ftp mode passive
access-list outside_in extended permit icmp any any echo-reply
access-list outside_in extended deny ip any any log
pager lines 24
mtu INSIDE 1500
mtu OUTSIDE 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh timeout 5
console timeout 0

threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
!
!
prompt hostname context
call-home
profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DD
CEService
  destination address email callhome@cisco.com
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly
  subscribe-to-alert-group configuration periodic monthly
  subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:4a1a3b8ea649a5f6110ddd69fc3ae7c8
: end

f1# sh ver

Cisco Adaptive Security Appliance Software Version 8.3(1)
Device Manager Version 6.3(1)

Compiled on Thu 04-Mar-10 16:56 by builders
System image file is "disk0:/asa831-k8.bin"
Config file at boot was "startup-config"

f1 up 13 mins 55 secs

Hardware:   ASA5505, 512 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW016 @ 0xfff00000, 2048KB

Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
                             Boot microcode   : CN1000-MC-BOOT-2.00
                             SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
                             IPSec microcode  : CNlite-MC-IPSECm-MAIN-2.06
0: Int: Internal-Data0/0    : address is d0d0.fdf1.8a9d, irq 11
1: Ext: Ethernet0/0         : address is d0d0.fdf1.8a95, irq 255
2: Ext: Ethernet0/1         : address is d0d0.fdf1.8a96, irq 255
3: Ext: Ethernet0/2         : address is d0d0.fdf1.8a97, irq 255
4: Ext: Ethernet0/3         : address is d0d0.fdf1.8a98, irq 255
5: Ext: Ethernet0/4         : address is d0d0.fdf1.8a99, irq 255
6: Ext: Ethernet0/5         : address is d0d0.fdf1.8a9a, irq 255
7: Ext: Ethernet0/6         : address is d0d0.fdf1.8a9b, irq 255
8: Ext: Ethernet0/7         : address is d0d0.fdf1.8a9c, irq 255
9: Int: Internal-Data0/1    : address is 0000.0003.0002, irq 255
10: Int: Not used            : irq 255
11: Int: Not used            : irq 255

Licensed features for this platform:
Maximum Physical Interfaces    : 8              perpetual
VLANs                          : 3              DMZ Restricted
Dual ISPs                      : Disabled       perpetual
VLAN Trunk Ports               : 0              perpetual
Inside Hosts                   : Unlimited      perpetual
Failover                       : Disabled       perpetual
VPN-DES                        : Enabled        perpetual
VPN-3DES-AES                   : Disabled       perpetual
SSL VPN Peers                  : 2              perpetual
Total VPN Peers                : 10             perpetual
Shared License                 : Disabled       perpetual
AnyConnect for Mobile          : Disabled       perpetual
AnyConnect for Cisco VPN Phone : Disabled       perpetual
AnyConnect Essentials          : Disabled       perpetual
Advanced Endpoint Assessment   : Disabled       perpetual
UC Phone Proxy Sessions        : 2              perpetual
Total UC Proxy Sessions        : 2              perpetual
Botnet Traffic Filter          : Disabled       perpetual
Intercompany Media Engine      : Disabled       perpetual

This platform has a Base license.

Serial Number: JMX143340X3
Running Permanent Activation Key: 0x6925e051 0x2cd7e13d 0x7c322d74 0xba0084c4 0x
c62507ab
Configuration register is 0x2101
Configuration last modified by enable_15 at 03:50:16.489 UTC Mon Oct 11 2010