Continuing our series of articles about Cisco ASA 5500 firewalls, I am offering you here a basic configuration tutorial for the Cisco ASA 5510 security appliance. This device is the second model in the ASA series (ASA 5505, 5510, 5520 and so on) and is fairly popular since it is intended for small to medium enterprises. Like the smallest ASA 5505 model, the 5510 comes with two license options: the Base license and the Security Plus license. The second one (Security Plus) provides some performance and hardware enhancements over the Base license, such as 130,000 maximum firewall connections (instead of 50,000), 100 maximum VLANs (instead of 50), failover redundancy, and so on. Also, the Security Plus license enables two of the five firewall network ports to work as 10/100/1000 instead of only 10/100.
Next we will see a simple Internet access scenario which will help us understand the basic steps needed to set up an ASA 5510. Assume that we are assigned a static public IP address 100.100.100.1 from our ISP. Also, the internal LAN network belongs to subnet 192.168.10.0/24. Interface Ethernet0/0 will be connected on the outside (towards the ISP), and Ethernet0/1 will be connected to the inside LAN switch.
The firewall will be configured to supply IP addresses dynamically (using DHCP) to the internal hosts. All outbound communication (from inside to outside) will be translated using Port Address Translation (PAT) on the outside public interface. Let's see a snippet of the required configuration steps for this basic scenario:
Step 1: Configure a privileged level password (enable password)
By default there is no password for accessing the ASA firewall, so the first step before doing anything else is to configure a privileged level password, which will be needed to allow subsequent access to the appliance. Configure this under Configuration Mode:
ASA5510(config)# enable password mysecretpassword
Step 2: Configure the public outside interface
ASA5510(config)# interface Ethernet0/0
ASA5510(config-if)# nameif outside
ASA5510(config-if)# ip address 100.100.100.1 255.255.255.252
ASA5510(config-if)# no shut
Step 3: Configure the trusted inside interface
ASA5510(config)# interface Ethernet0/1
ASA5510(config-if)# nameif inside
ASA5510(config-if)# security-level 100
ASA5510(config-if)# ip address 192.168.10.1 255.255.255.0
ASA5510(config-if)# no shut
Step 4: Configure PAT on the outside interface
ASA5510(config)# global (outside) 1 interface
ASA5510(config)# nat (inside) 1 0.0.0.0 0.0.0.0
Step 5: Configure Default Route towards the ISP (assume default gateway is 100.100.100.2)
ASA5510(config)# route outside 0.0.0.0 0.0.0.0 100.100.100.2 1
Step 6: Configure the firewall to assign internal IP and DNS address to hosts using DHCP
ASA5510(config)# dhcpd dns 200.200.200.10
ASA5510(config)# dhcpd address 192.168.10.10-192.168.10.200 inside
ASA5510(config)# dhcpd enable inside
The above basic configuration is just the beginning for making the appliance operational. There are many more configuration features that you need to implement to increase the security of your network, such as Static and Dynamic NAT, Access Control Lists to control traffic flow, DMZ zones, VPN and so on.