Basic Configuration Tutorial For Asa 5505

Firewalls Cisco ASA 5505 is the smallest model of the new Cisco 5500 series for household appliances. Although this model is suitable for small businesses, offices or even from home, its security capabilities firewall are the same as the larger models (5510, 5520, 5540, etc..) Adaptation technologies for the security of the ASA firewall provides solid and reliable firewall protection, advanced security conscious denial of service attack protection, and more. In addition, the performance of the ASA 5505 supports Speed 150Mbps firewall and firewall 4000 connections per second, which is more than sufficient for small networks.

In this article I will describe the configuration steps for installing a firewall Cisco ASA 5505 for connecting a small network to the Internet. We assume that our ISP has a static IP address (eg 200.200.200.1 for example), and our internal range is 192.168.1.0/24. We use Port Address Translation (PAT) to translate internal IP addresses to public opinion outside the interface. The difference between the models of the SAA in 5505, larger models, there is a 8-Port 10/100 Switch, Level 2. So you can not bear the physical layer 3-Port, as in the interface VLAN and the allocation of Layer 2 interfaces in different VLANs. By default, Ethernet0 / 0 for VLAN 2 and is outside the (Internet connection), and 7 other interfaces (Ethernet0 / 1 0 / 7), the default VLAN 1, and are for connection to the internal network. See the basic configuration of the main steps you need to configure.

Step 1: Configure the internal interface vlan
————————————————
ASA5505 (config) # interface vlan 1
ASA5505 (config-if) # nameif in
ASA5505 (config-if) # security-level 100
ASA5505 (config-if) # ip address 192.168.1.1 255.255.255.0
ASA5505 (config-if) # no shut

Step 2: Configuring the external interface vlan (with Internet access)
————————————————– ——————
ASA5505 (config) # interface vlan 2
ASA5505 (config-if) # nameif outside
ASA5505 (config-if) # security-level 0
ASA5505 (config-if) # ip address 200.200.200.1 255.255.255.0
ASA5505 (config-if) # no shut

Step 3: Assigning Ethernet 0 / 0 vlan 2
—————————————–
ASA5505 (config) # interface Ethernet0 / 0
ASA5505 (config-if) # switch port access vlan 2
ASA5505 (config-if) # no shut

Step 4: Enable the rest of the interface without
———————————————-
ASA5505 (config) # interface Ethernet0 / 1
ASA5505 (config-if) # no shut

Do the same for Ethernet0 / 1 0 / 7

Step 5: Configuring PAT interface to the outside
————————————————-
ASA5505 (config) # global (outside) 1 interface
ASA5505 (config) # nat (inside) 1 0.0.0.0 0.0.0.0

Step 6: Configuring default route on the ISP (provided that the default gateway is 200.200.200.2
————————————————– —————————————–
ASA5505 (config) # route 0.0.0.0 0.0.0.0 200.200.200.2 1

These measures are absolutely necessary, you must use the device to make effective. Of course, there are many more details on the configuration you need to improve security and functionality of the device, such as access control lists, Static NAT, DHCP, DMZ areas, the authentication, IPSEC VPN, etc.

Go to my site in my resource box below for more information on Cisco products and solutions. You can also teach a Cisco ASA 5500 Firewall model on my site, see below.