Now this interface is attached to VLAN 2 and operational. In this example I will attach the interface “Ethernet 0” to the outside VLAN (VLAN 2) and make the port operational.ĮxampleASA(config)# interface ethernet0/0ĮxampleASA(config-if)# switchport access vlan 2 Now we need to attach the outside VLAN to one of the interfaces of the ASA.īy default all the interfaces are attached to VLAN 1 and by default all the interfaces are in the “shutdown” state. With this command you dont need to configure a default gateway since you will get this from your provider. If your provider gives you a IP address trough DHCP the configuration is a little easier.ĮxampleASA(config-if)# ip address dhcp setroute You also need to make a static route if your provider supplied you with a static IP address. INFO: Security level for outside set to 0 by default.ĮxampleASA(config)# route outside 0.0.0.0 0.0.0.0 212.115.192.192Īs you can see the ASA sets the security level of the interface called outside to 0. Now we will start on the outside (WAN) configuration.ĭepending on the provider you might have to do this a little bit different but I will start with a static IP address first.ĮxampleASA(config-if)# ip address 212.115.192.193 255.255.255.248 This means that no one from the outside can start a session to the inside. With security levels you can always go from high (100) to low (0) but never the other way around unless configured otherwise.
INFO: Security level for "inside" set to 100 by default.Īll the ASA devices work with security levels that you apply to VLANs/interfaces. With the ASA 5505 you work with VLANs instead of assigning IP addresses to actual interfaces. Now that this is done we will configure the inside (LAN) address of the ASA.
Setup cisco asa 5505 full#
Privilege 15 is the highest of the privileges and gives you full control over the device. Setting your privilege to 15 is very important if you’re the one that is going to manage the ASA.
Setup cisco asa 5505 password#
Now we will set a username and password so you can actually manage the ASA from your desk with SSH/Telnet/ASDM.ĮxampleASA(config)# username example password example privilege 15 Now we will give our ASA another hostname.Īs you can see the hostname changes immediately. Notice the (config) behind the device hostname. You can do this by issuing the command “configure terminal” The 1st thing you want to do is get into configuration mode. Now enter enabled mode (look up if you forgot how to) and issue the command “show running-config“. Pre-configure Firewall now through interactive prompts ?Īnswer with “no” since you want to configure the ASA yourself (you want to be a cisco engineer right ?). Now when your router is restarted you will get this question:
You will use the “reload” command for this. Now that you erased your startup configuration you will need to reload the ASA to get a clean configuration. You will be prompted to confirm that you want to erase the configuration. You might wonder why but there is a lot of stuff in that configuration that you don’t need/want and could even cause some network issues if you connected it to your network (DHCP).Įrase configuration in flash memory? This will delete all the default configuration Cisco made for you. The 1st thing you want to do is type the command “write erase”.
Simply hit enter here because there is no enable password configured. Here you type the command “enable” to get in enabled mode.Īs you can see you will get a password prompt. Type help or '?' for a list of available commands. When you open the box containing your new ASA 5505 and plug in your console you will see the following:
0 kommentar(er)
