Fundamental Configuration Tutorial For The Cisco ASA 5505 Firewall
The Cisco ASA 5505 Firewall is the smallest model in the new 5500 Cisco series of hardware appliances. Despite the fact that this model is appropriate for compact companies, branch offices or even dwelling use, its firewall safety capabilities are the similar as the largest models (5510, 5520, 5540 and so forth). The Adaptive Safety technologies of the ASA firewalls gives strong and trusted firewall protection, sophisticated application conscious safety, denial of service attack protection and a lot far more. Furthermore, the efficiency of the ASA 5505 appliance supports 150Mbps firewall throughput and 4000 firewall connections per second, which is far more than adequate for compact networks.
In this post I will clarify the fundamental configuration actions required to setup a Cisco 5505 ASA firewall for connecting a compact network to the Net. We assume that our ISP has assigned us a static public IP address (e.g 18.104.22.168 as an instance) and that our internal network variety is 192.168.1./24. We will use Port Address Translation (PAT) to translate our internal IP addresses to the public address of the outdoors interface. The distinction of the 5505 model from the larger ASA models is that it has an eight-port 10/100 switch which acts as Layer two only. That is, you can not configure the physical ports as Layer three ports, rather you have to make interface Vlans and assign the Layer two interfaces in every single VLAN. By default, interface Ethernet0/ is assigned to VLAN two and it is the outdoors interface (the one particular which connects to the Net), and the other 7 interfaces (Ethernet0/1 to /7) are assigned by default to VLAN 1 and are applied for connecting to the internal network. Let’s see the fundamental configuration setup of the most vital actions that you require to configure.
Step1: Configure the internal interface vlan —————————————————— ASA5505(config)# interface Vlan 1 ASA5505(config-if)# nameif inside ASA5505(config-if)# safety-level 100 ASA5505(config-if)# ip address 192.168.1.1 255.255.255. ASA5505(config-if)# no shut
Step 2: Configure the external interface vlan (connected to Net) ————————————————————————————- ASA5505(config)# interface Vlan two ASA5505(config-if)# nameif outdoors ASA5505(config-if)# safety-level ASA5505(config-if)# ip address 22.214.171.124 255.255.255. ASA5505(config-if)# no shut
Step 3: Assign Ethernet / to Vlan two ————————————————- ASA5505(config)# interface Ethernet0/ ASA5505(config-if)# switchport access vlan two ASA5505(config-if)# no shut
Step 4: Allow the rest interfaces with no shut ————————————————– ASA5505(config)# interface Ethernet0/1 ASA5505(config-if)# no shut
Do the similar for Ethernet0/1 to /7.
Step 5: Configure PAT on the outdoors interface —————————————————– ASA5505(config)# worldwide (outdoors) 1 interface ASA5505(config)# nat (inside) 1 … …
Step 6: Configure default route towards the ISP (assume default gateway is 200.200.200.two ——————————————————————————————————— ASA5505(config)# route outdoors … … 200.200.200.two 1
The above actions are the totally required actions you require to configure for generating the appliance operational. Of course there are a lot far more configuration information that you require to implement in order to boost the safety and functionality of your appliance, such as Access Handle Lists, Static NAT, DHCP, DMZ zones, authentication and so forth.