Step-By-Step Configuration Guide For The Cisco Asa 5505 Firewall
The Cisco ASA 5505 Firewall is the smallest model in the new 5500 Cisco series of hardware appliances. Although this model is suitable for small businesses, branch offices or even home use, its firewall security capabilities are the same as the biggest models (5510, 5520, 5540 etc). The Adaptive Security technology of the ASA firewalls offers solid and reliable firewall protection, advanced application aware security, denial of service attack protection and much more. Moreover, the performance of the ASA 5505 appliance supports 150Mbps firewall throughput and 4000 firewall connections per second, which is more than enough for small networks.
In this article I will explain the basic configuration steps needed to setup a Cisco 5505 ASA firewall for connecting a small network to the Internet. We assume that our ISP has assigned us a static public IP address (e.g 200.200.200.1 as an example) and that our internal network range is 192.168.1.0/24. We will use Port Address Translation (PAT) to translate our internal IP addresses to the public address of the outside interface. The difference of the 5505 model from the bigger ASA models is that it has an 8-port 10/100 switch which acts as Layer 2 only. That is, you can not configure the physical ports as Layer 3 ports, rather you have to create interface Vlans and assign the Layer 2 interfaces in each VLAN. By default, interface Ethernet0/0 is assigned to VLAN 2 and it’s the outside interface (the one which connects to the Internet), and the other 7 interfaces (Ethernet0/1 to 0/7) are assigned by default to VLAN 1 and are used for connecting to the internal network. Let’s see the basic configuration setup of the most important steps that you need to configure.
Step1: Configure the internal interface vlan
——————————————————
ASA5505(config)# interface Vlan 1
ASA5505(config-if)# nameif inside
ASA5505(config-if)# security-level 100
ASA5505(config-if)# ip address 192.168.1.1 255.255.255.0
ASA5505(config-if)# no shut
Step 2: Configure the external interface vlan (connected to Internet)
————————————————————————————-
ASA5505(config)# interface Vlan 2
ASA5505(config-if)# nameif outside
ASA5505(config-if)# security-level 0
ASA5505(config-if)# ip address 200.200.200.1 255.255.255.0
ASA5505(config-if)# no shut
Step 3: Assign Ethernet 0/0 to Vlan 2
————————————————-
ASA5505(config)# interface Ethernet0/0
ASA5505(config-if)# switchport access vlan 2
ASA5505(config-if)# no shut
Step 4: Enable the rest interfaces with no shut
————————————————–
ASA5505(config)# interface Ethernet0/1
ASA5505(config-if)# no shut
Do the same for Ethernet0/1 to 0/7.
Step 5: Configure PAT on the outside interface
—————————————————–
ASA5505(config)# global (outside) 1 interface
ASA5505(config)# nat (inside) 1 0.0.0.0 0.0.0.0
Step 6: Configure default route towards the ISP (assume default gateway is 200.200.200.2)
—————————————————————————————
ASA5505(config)# route outside 0.0.0.0 0.0.0.0 200.200.200.2 1
The above steps are the absolutely necessary steps you need to configure for making the appliance operational. Of course there are much more configuration details that you need to implement in order to enhance the security and functionality of your appliance, such as Access Control Lists, Static NAT, DHCP, DMZ zones, authentication etc.
Download the best configuration tutorial for any Cisco ASA 5500 Firewall model Here.
Harris Andrea is a Cisco Certified Network Professional (CCNP) and Cisco Certified Security Professional (CCSP) with more than 10 years experience in the networking field. He is currently employed as a network security senior engineer in a leading ISP company in Europe. He has designed and implemented several projects involving Cisco ASA/PIX firewalls and other Cisco products and technologies. You can visit his website below for more information about Cisco products and solutions. You can also learn how to configure any Cisco ASA 5500 Firewall Here. Go ahead and check out Harris website for more Cisco configuration examples and other related details about designing and implementing Cisco solutions: Ccna training.
Article Source
Share this:
Read also:
- What are Server computer, client computers and computer network?
- The Essential Elements of an IT Technology Solutions Provider
- Subnetting for Dummies With Scenario's
- The Major Benefits of Computer Networking
- Computer Network Consulting
- 3 Strategies for SAT Score Improvement
May 6th, 2011 at 2:57 am
I enjoy all the comments here….
i’m pondering about beginning my own blog. i’m asking yourself if it is hard to operate your own blog. I certainly enjoy commenting. many thanks Bloggers….
May 6th, 2011 at 6:01 am
Its like you read my mind! You seem to know so much about this, like you wrote the book in it or something. I think that you could do with a few pics to drive the message home a little bit, but other than that, this is great blog. An excellent read. I will certainly be back.
May 6th, 2011 at 6:55 pm
I enjoy your blog site.. good shades & topic. Would you actually style and design this site oneself or maybe did a person bring in help to do it for you personally? Plz respond seeing that I!|m seeking to design my personal web site and also want to understand exactly where you got that through. thank you
May 7th, 2011 at 5:27 am
Awesome the site loads very fast
May 11th, 2011 at 5:11 am
Hello, I first would like to congratulate you on making such a great site, I definitely found your information very interesting and entertaining. Celebrities seem to be one of the best entertainment industries of the world today. If you want to view celebrity photos and interested in the latest celebrity gossip online, getting hollywood gossip on famous people, finding hollywood celebrity pictures and info on famous actors & actresses watch movies and tv shows online and get the hottest breaking news, celebrity photos, fashion, videos and games, Watch movies and tv shows online, check hottest celeb photos and everything. I would suggest you visit http://accesshollyhood.com
May 14th, 2011 at 10:31 am
howday,pal. I was told by one of my roomates to visit your blog. I love the layout of the blog especially. Your blog is very useful. Please keep on the good work. I absolutely will read it oftenly and recommend it to my relatives.
December 5th, 2011 at 12:17 pm
I’ve been surfing online greater than three hours lately, but I never discovered any fascinating article like yours. It?s pretty value sufficient for me. In my opinion, if all webmasters and bloggers made good content material as you probably did, the net shall be much more helpful than ever before.
December 8th, 2011 at 7:51 pm
Pretty nice post. I simply stumbled upon your weblog and wished to say that I have truly loved browsing your blog posts. After all I’ll be subscribing for your rss feed and I hope you write again very soon!
December 10th, 2011 at 6:31 am
I used to be suggested this web site through my cousin. I’m no longer positive whether this put up is written by way of him as no one else know such distinctive approximately my problem. You’re incredible! Thank you!
December 10th, 2011 at 9:44 am
magnificent publish, very informative. I ponder why the other specialists of this sector do not realize this. You must proceed your writing. I am sure, you’ve a great readers’ base already!
December 11th, 2011 at 10:07 am
Sites we Like……
[...] Every once in a while we choose blogs that we read. Listed below are the latest sites that we choose [...]……
December 11th, 2011 at 9:22 pm
Very interesting. I absolutely loved visiting your website. Cheers.
December 12th, 2011 at 1:33 am
Sites we Like……
[...] Every once in a while we choose blogs that we read. Listed below are the latest sites that we choose [...]……
December 12th, 2011 at 11:32 pm
Hi there, just changed into aware of your weblog through Google, and found that it’s really informative. I am gonna watch out for brussels. I will appreciate when you continue this in future. Numerous people will be benefited out of your writing. Cheers!
December 13th, 2011 at 4:01 am
hi!,I love your writing very much! share we keep in touch more about your article on AOL? I require an expert on this house to solve my problem. May be that’s you! Taking a look forward to see you.
December 13th, 2011 at 8:53 pm
Great beat ! I would like to apprentice while you amend your website, how can i subscribe for a blog website? The account aided me a acceptable deal. I had been tiny bit acquainted of this your broadcast offered bright clear idea
December 16th, 2011 at 11:03 am
I will right away grasp your rss as I can not to find your email subscription hyperlink or newsletter service. Do you have any? Please allow me understand so that I could subscribe. Thanks.
December 16th, 2011 at 11:11 pm
Excellent weblog right here! Additionally your site lots up fast! What web host are you the use of? Can I get your affiliate link for your host? I desire my web site loaded up as quickly as yours lol
December 21st, 2011 at 11:51 pm
download tv shows free to computer…
[...]Step-By-Step Configuration Guide For The Cisco Asa 5505 Firewall | Computer Network Solution[...]…
December 27th, 2011 at 4:18 am
It’s appropriate time to make some plans for the future and it is time to be happy. I have learn this publish and if I may I desire to recommend you some attention-grabbing issues or tips. Maybe you can write next articles regarding this article. I wish to learn more things approximately it!
December 27th, 2011 at 8:33 am
Pretty portion of content. I just stumbled upon your blog and in accession capital to say that I get in fact loved account your weblog posts. Any way I’ll be subscribing for your augment and even I fulfillment you get admission to constantly fast.