Wednesday, April 30, 2014

Cisco ASA: An Initial Configuration Task List For The ASA 5505 Pre-8.3

Dont do this on anyting over a 5505.  It wont work for you.  This is a quick config task list to get your ASA 5505 up and running quick.  Its the older code, keep that in mind.  This will get you on the Internet, which is the goal of a lot of very small offices who just want some sort of protection.
TASK LIST AND CONFIG:
change hostname
ciscoasa(config)# hostname ASA
configure domain name
ASA(config)# domain-name ASA.com
create crypto key
ASA(config)# crypto key generate rsa mod 2048
configure internal ip addresses
ASA(config)# int vlan 1
ASA(config-if)# no ip add
ASA(config-if)# ip add 192.168.5.1 255.255.255.0
configure outside interface ip address
ASA(config-if)# int vlan 2
ASA(config-if)# no ip address dhcp setroute
ASA(config-if)# ip add 5.5.5.46 255.255.255.252
configure default route
ASA(config-if)# route outside 0.0.0.0 0.0.0.0 5.5.5.45
disable HTTP access to the ASA
ASA(config)# no http 192.168.1.0 255.255.255.0 inside
ASA(config)# no http server enable
allow SSH access to ASA
ASA(config)# ssh 0.0.0.0 0.0.0.0 outside
ASA(config)# ssh 0.0.0.0 0.0.0.0 inside
define a user login instead of the default:
ASA(config)# username shane pass thisismypassword pri 15
ASA(config)# aaa authen ssh cons LOCAL
ASA(config)# aaa authen enable cons LOCAL
ASA(config)# aaa authen serial consol LOCAL

Posted by

No comments:

Post a Comment

Your comment will be reviewed for approval. Thank you for submitting your comments.

Subscribe to: Post Comments (Atom)