Anda di halaman 1dari 2

Basic Cisco ASA configuration http://pepechingon.

com/basic-cisco-asa-configuration/

About
Downloads

pepechingon.com Because all the other nonsense is not enough…

Technology »
Science »
Religion
News

RSS Feed

Follow Me
Basic Cisco ASA configuration
By
J Sanchez
– March 26, 2010Posted in: Networking, Technology

A few days ago we had a need for a router, we did not have one handy, but we did have a Cisco ASA
5505. While I’ve configured my fair share of routers, I never had the need to configure a PIX or
ASA. It turns out that while there are difference when configuring a security device and a router or
switch, the commands are very similar.

Here is the scope of I what I needed to accomplish:


Inside network = 10.0.0.0/24
Now Reading
Outside network ip = 76.203.90.1/30
Default route via 76.203.90.2
Hostname = ASA
No DHCP
All traffic should be allowed
Exec password must be set to cisco.

Here is how we accomplish this very basic configuration – Please note that all commands are in
italics.

After you get into Global configuration type the following:


ciscoasa(config)# host ASA – This will change the host name to ASA

Configure passwords:
ASA(config)#enable secret cisco – This will set our privilege mode password to cisco.

Configure the interfaces:


ASA(config)#int fa0/0 – to configure the interface Fastethernet0/0
ASA(config-int)#ip add 10.0.0.1 255.255.255.0 – This will assign 10.0.0.1/24 as the ip address of our
interface.
ASA(config-int)#nameif inside – This will label that interface as our inside network.
ASA(config-int)#no shut
ASA(config-int)#int fa0/1 – this will take us to interface configuration mode for interface
Fastethernet0/1
ASA(config-int)#ip add 76.203.90.1 255.255.255.252 – This will assign 76.203.90.1/30 to the
interface.
ASA(config-int)#nameif outside – This will label the interface as the outisde interface.
ASA(config-int)#no shut – This will enable our interface FA0/1.
ASA(config-int)#exit – This will take us back to global configuration mode.

Configuring NAT/PAT
ASA(config)#nat (inside) 1 0.0.0.0 0.0.0.0 – This tells the ASA to translate all addresses on the inside
interface.
ASA(config)#global (outside) 1 interface – This tells the ASA that all translated addresses should use
the outside interface ip for PAT.

Configuring the default route:


ASA(config)#route outside 0.0.0.0 0.0.0.0 76.203.90.2 1 – This configures the default route the the
specified ip using the outside interface.
Twitter Updates
Allowing traffic:
ASA(config)#access-list traffic extended permit ip any any – This will permit any traffic to and from RT @etherealmind: To all my
any ip address.

1 of 2 11/9/2010 10:49 PM
Basic Cisco ASA configuration http://pepechingon.com/basic-cisco-asa-configuration/

American friends, I'll stop


laughing about your elections in a
About Arras WordPress Theme few days. I mean - Christine
O'Donnell, are y ... 2010/11/03
Copyright pepechingon.com. All Rights Reserved. User calls asking the following
question: Do we pay extra to send
international email? I couldn't
help, but to laugh my ass off.
#idiots 2010/10/01
@packetpushers What do you
guys use for ios config version
control? 2010/10/01
I have to get nasty with @CAinc
technical support. They are the
most incompetent tech support
team I've ever contacted.
#bangheadhere 2010/09/30
I wish we would have gone with
symantec endpoint protection.
@CAInc
#COMPUTERASSOCIATESSUCKS
2010/09/29
@CAInc sucks.Took tech support
3 days to get Total Defense
installed, n now I regret it. UI is
horrible. Stay away from any
@CAInc products. 2010/09/29
Computer Associates: Shitty
products. Shitty costumer service.
#SMH 2010/09/28

Categories

News
Religion
Science
Math
Technology
Hardware
Networking
Software
Web

2 of 2 11/9/2010 10:49 PM