Basic setup tutorial for the Cisco ASA 5510 Firewall
Continuing our series of articles on the Cisco ASA 5500 firewalls, I offer here a basic setup tutorial for the Cisco ASA 5510 security appliance. This unit is the second model in the ASA series (ASA 5505, 5510, 5520, etc.) and is very popular, as it was designed for small and medium-sized businesses. Like the smallest model, the ASA 5505, the 5510 comes with two licensing options: the basic license and the Security Plus license. The second (Security Plus) provides several hardware and performance improvements over the basic license, such as up to 130,000 firewall connections (instead of 50,000), a maximum of 100 VLANs (instead of 50), redundancy, failover, etc. In addition, the Security Plus license enables two of the firewall's five network ports to work as 10/100/1000 instead of only 10/100.
Below is a simple Internet access scenario that will help us understand the basic steps required to set up the ASA 5510. Suppose we have been assigned a static public IP address, 100.100.100.1, by our ISP. The internal LAN uses the subnet 192.168.10.0/24. Interface Ethernet0/0 is connected to the outside (the ISP), and Ethernet0/1 is connected to the internal LAN switch.
The firewall will be configured to hand out IP addresses dynamically (DHCP) to the internal hosts. All outbound communication (from inside to outside) will be translated using Port Address Translation (PAT) on the outside public interface. Let us go through the configuration steps required for this basic scenario:
Step 1: Configure a privileged level password (enable password)
By default there is no password for accessing the ASA firewall, so the first step before doing anything else is to configure a privileged level password, which will be required for any later access to configure the device. Configure this in configuration mode:
ASA5510(config)# enable password MySecretPassword
Step 2: Configure the public outside interface
ASA5510(config)# interface Ethernet0/0
ASA5510(config-if)# nameif outside
ASA5510(config-if)# security-level 0
ASA5510(config-if)# ip address 100.100.100.1 255.255.255.252
ASA5510(config-if)# no shutdown
Step 3: Configure the trusted internal interface
ASA5510(config)# interface Ethernet0/1
ASA5510(config-if)# nameif inside
ASA5510(config-if)# security-level 100
ASA5510(config-if)# ip address 192.168.10.1 255.255.255.0
ASA5510(config-if)# no shutdown
Step 4: Configure PAT on the outside interface
ASA5510(config)# global (outside) 1 interface
ASA5510(config)# nat (inside) 1 0.0.0.0 0.0.0.0
Step 5: Configure the default route towards the ISP (assuming the default gateway is 100.100.100.2)
ASA5510(config)# route outside 0.0.0.0 0.0.0.0 100.100.100.2 1
Step 6: Configure the firewall to assign internal IP addresses and a DNS server to hosts via DHCP
ASA5510(config)# dhcpd dns 200.200.200.10
ASA5510(config)# dhcpd address 192.168.10.10-192.168.10.200 inside
ASA5510(config)# dhcpd enable inside
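A consistency check for the six steps above, added here as an example and not part of the original tutorial: it parses a saved configuration and flags a missing enable password, a `nat` ID with no matching `global`, a default gateway that is not on the named interface's subnet, and a DHCP pool that falls outside the interface subnet or overlaps the interface address. The function name `audit` and the `SAMPLE` text (built from the commands in Steps 1 to 6) are constructed for illustration, and the check assumes the `global`/`nat` syntax shown in Step 4.

```python
import ipaddress
import re

# Constructed sample: the commands from Steps 1-6 as typed in configuration mode.
SAMPLE = """\
enable password MySecretPassword
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address 100.100.100.1 255.255.255.252
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 192.168.10.1 255.255.255.0
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 100.100.100.2 1
dhcpd dns 200.200.200.10
dhcpd address 192.168.10.10-192.168.10.200 inside
dhcpd enable inside
"""

def audit(config):
    """Return a list of consistency problems found in the configuration text."""
    ifaces, name, problems = {}, None, []
    for line in config.splitlines():
        if line.startswith("interface "):
            name = None  # new interface block: forget the previous nameif
        elif m := re.match(r"\s*nameif (\S+)", line):
            name = m.group(1)
        elif (m := re.match(r"\s*ip address (\S+) (\S+)", line)) and name:
            ifaces[name] = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}")
    if not re.search(r"^enable password \S+", config, re.M):
        problems.append("no enable password set")
    nat_ids = set(re.findall(r"^nat \(\S+\) (\d+) ", config, re.M)) - {"0"}
    global_ids = set(re.findall(r"^global \(\S+\) (\d+) ", config, re.M))
    for i in sorted(nat_ids - global_ids):
        problems.append(f"nat id {i} has no matching global statement")
    for ifn, gw in re.findall(r"^route (\S+) 0\.0\.0\.0 0\.0\.0\.0 (\S+)", config, re.M):
        if ifn not in ifaces or ipaddress.ip_address(gw) not in ifaces[ifn].network:
            problems.append(f"default gateway {gw} is not on the {ifn} subnet")
    for lo, hi, ifn in re.findall(r"^dhcpd address (\S+)-(\S+) (\S+)", config, re.M):
        iface = ifaces.get(ifn)
        lo, hi = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
        if iface is None or lo not in iface.network or hi not in iface.network:
            problems.append(f"DHCP pool {lo}-{hi} is outside the {ifn} subnet")
        elif lo <= iface.ip <= hi:
            problems.append(f"DHCP pool {lo}-{hi} contains the {ifn} interface address")
    return problems
```

Calling `audit(SAMPLE)` returns an empty list; a typo in the gateway, pool range or NAT ID shows up as a one-line finding.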
The basic configuration above is just the beginning of making the device operational. There are many more configuration features that you need to implement to increase the security of your network, such as static and dynamic NAT, access control lists to control traffic flow, DMZ zones, VPN, etc.
Visit my website in my resource box below for more information about Cisco products and solutions. You can also learn there how to configure any Cisco ASA 5500 firewall (for all models with ASA software versions 7.x and 8.x).