Basic Configuration Tutorial For the Cisco ASA 5505 Firewall
The Cisco ASA 5505 firewall is the smallest model of the new Cisco 5500 series hardware appliances. Although this model is suitable for small businesses, branch offices or even home use, its firewall security capabilities are the same as those of the largest models (5510, 5520, 5540, etc.). The Adaptive Security technology of the ASA firewall provides solid and reliable firewall protection, advanced application security features, Denial of Service attack protection, and much more. In addition, the ASA 5505 appliance supports 150Mbps firewall throughput and 4000 firewall connections per second, which is more than enough for small networks.
In this article I will explain the basic configuration steps that are necessary to set up a Cisco ASA 5505 firewall to connect a small network to the Internet. We assume that our ISP has assigned us a static public IP address (200.200.200.1 as an example) and that our internal network range is 192.168.1.0/24. We will use Port Address Translation (PAT) to translate our internal IP addresses to the public address of the outside interface. The difference between the 5505 model and the larger ASA models is that it has an 8-port 10/100 switch, which acts as Layer 2 only. This means you cannot configure the physical ports as Layer 3 ports; instead you have to create interface VLANs and assign the Layer 2 interfaces to each VLAN. By default, interface Ethernet0/0 is assigned to VLAN 2 and is the outside interface (the one that connects to the Internet), and the other 7 interfaces (Ethernet0/1 to 0/7) are assigned by default to VLAN 1 and are used for connecting to the internal network. Let's look at the most important steps of the basic configuration.
Step 1: Configure the internal VLAN interface
---------------------------------------------
ASA5505(config)# interface vlan 1
ASA5505(config-if)# nameif inside
ASA5505(config-if)# security-level 100
ASA5505(config-if)# ip address 192.168.1.1 255.255.255.0
ASA5505(config-if)# no shutdown
Step 2: Configure the external interface VLAN (Internet connected)
------------------------------------------------------------------
ASA5505(config)# interface vlan 2
ASA5505(config-if)# nameif outside
ASA5505(config-if)# security-level 0
ASA5505(config-if)# ip address 200.200.200.1 255.255.255.0
ASA5505(config-if)# no shutdown
Step 3: Assign Ethernet0/0 to VLAN 2
------------------------------------
ASA5505(config)# interface Ethernet0/0
ASA5505(config-if)# switchport access vlan 2
ASA5505(config-if)# no shutdown
Step 4: Enable the other interfaces with no shutdown
----------------------------------------------------
ASA5505(config)# interface Ethernet0/1
ASA5505(config-if)# no shutdown
Do the same for Ethernet0/1 to 0/7.
Step 5: Configure PAT on the outside interface
----------------------------------------------
ASA5505(config)# global (outside) 1 interface
ASA5505(config)# nat (inside) 1 0.0.0.0 0.0.0.0
Step 6: Configure the default route to the ISP (assume default gateway is 200.200.200.2)
----------------------------------------------------------------------------------------
ASA5505(config)# route outside 0.0.0.0 0.0.0.0 200.200.200.2 1
The above steps are the absolutely necessary steps you need to configure to make the appliance operational. Of course there are many more configuration details that you need to implement to ensure the security and functionality of your appliance, such as Access Control Lists, Static NAT, DHCP, DMZ zones, improved authentication, etc.
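To check that a device actually ended up in the state Steps 1 to 6 describe, the saved running configuration can be audited offline. The script below is an added example, not part of the original article: `parse_interfaces` and `audit` are hypothetical helper names, and the sample configuration is constructed from the addresses used above. It assumes the `global`/`nat` command pair from Step 5, which is the syntax of ASA software before version 8.3.

```python
import ipaddress
import re

# Constructed excerpt of "show running-config" after Steps 1-6 (not from a device).
SAMPLE = """\
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
interface Vlan2
 nameif outside
 security-level 0
 ip address 200.200.200.1 255.255.255.0
interface Ethernet0/0
 switchport access vlan 2
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 200.200.200.2 1
"""

def parse_interfaces(cfg):
    """Map lower-cased interface name -> list of its indented sub-commands."""
    ifaces, cur = {}, None
    for line in cfg.splitlines():
        if not line.startswith(" "):
            m = re.match(r"interface (\S+)", line)
            cur = ifaces.setdefault(m.group(1).lower(), []) if m else None
        elif cur is not None:
            cur.append(line.strip())
    return ifaces

def audit(cfg):
    """Return a list of findings; an empty list means Steps 1-6 all hold."""
    ifs, out = parse_interfaces(cfg), []
    for vlan, name, level in (("vlan1", "inside", 100), ("vlan2", "outside", 0)):
        if not {f"nameif {name}", f"security-level {level}"} <= set(ifs.get(vlan, [])):
            out.append(f"{vlan}: expected nameif {name}, security-level {level}")
    if "switchport access vlan 2" not in ifs.get("ethernet0/0", []):
        out.append("ethernet0/0: not assigned to VLAN 2")
    out += [f"{n}: still shutdown" for n, c in ifs.items() if "shutdown" in c]
    # Step 5: the global and nat statements must share the same NAT id.
    g = re.search(r"^global \(outside\) (\d+) interface", cfg, re.M)
    if not (g and re.search(rf"^nat \(inside\) {g.group(1)} ", cfg, re.M)):
        out.append("PAT: global/nat pair missing or NAT ids differ")
    # Step 6: the default gateway must sit on the outside interface's subnet.
    gw = re.search(r"^route outside 0\.0\.0\.0 0\.0\.0\.0 (\S+)", cfg, re.M)
    ip = re.search(r"ip address (\d\S+) (\d\S+)", "\n".join(ifs.get("vlan2", [])))
    net = ipaddress.ip_interface("/".join(ip.groups())).network if ip else None
    if not (gw and net and ipaddress.ip_address(gw.group(1)) in net):
        out.append("route: default gateway missing or not on the outside subnet")
    return out
```

Calling `audit()` on the text of a saved configuration returns one line per deviation, so an empty list means the baseline from this article is in place.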