ASA 5505 Example Configuration

Below is an example of a basic configuration for an ASA 5505 firewall. The main difference from the other ASAs is that the 5505 has 10 ports which are not assigned to their own bridge groups, so you need to configure your VLANs and then assign your ports to your VLANs.

Please note:

  • This article is still in draft, so it is not yet complete.
  • These are the commands which were run after running the command `config factory-default`
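
```
hostname asa

! PPPoE dial-out to the ISP, authenticated with CHAP
mtu outside 1492
vpdn group ISP request dialout pppoe
vpdn group ISP localname [login]
vpdn group ISP ppp authentication chap
vpdn username [login] password [password]

! Inside (trusted) VLAN
interface Vlan 1
nameif inside
security-level 100
ip address 10.12.1.100 255.255.255.0
no shut
exit

! Outside (untrusted) VLAN, addressed via PPPoE
interface Vlan 2
nameif outside
security-level 0
pppoe client vpdn group ISP
ip address pppoe setroute
no shut
exit

! Assign the physical switch ports to the VLANs
interface Ethernet0/0
switchport access vlan 2
no shut
exit

interface Ethernet0/1
switchport access vlan 1
no shut
exit

! PAT the inside network behind the outside interface address
global (outside) 1 interface
nat (inside) 1 10.12.1.0 255.255.255.0

! DHCP server for inside clients (the pool must sit in the inside subnet)
dhcpd address 10.12.1.1-10.12.1.10 inside
dhcpd dns [dns server 1] [dns server 2]
dhcpd lease 3600
dhcpd enable inside

! RSA host key for SSH (a 2048-bit modulus is also accepted);
! SSH and secure copy are allowed from the inside network only
crypto key generate rsa modulus 1024
ssh 10.12.1.0 255.255.255.0 inside
ssh scopy enable

! Deny all traffic arriving on outside, permit all traffic from inside
access-list acl-outside deny ip any any
access-list acl-inside permit ip any any

access-group acl-outside in interface outside
access-group acl-inside in interface inside

! Add ICMP inspection to the default global policy
policy-map global_policy
class inspection_default
inspect icmp
exit

! Local admin account; SSH logins and command authorization use the LOCAL database
enable password [password]
username [username] password [password] privilege 15
aaa authorization command LOCAL
aaa authentication ssh console LOCAL
```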
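
Because the 5505 needs VLANs defined first and ports assigned to them afterwards, two mistakes are easy to make: a named VLAN that no switch port belongs to, and a `dhcpd address` pool that does not sit in the interface's subnet. The Python check below is an added example, not part of the original article; `audit` and the sample config are hypothetical, and it assumes a port with no `switchport access vlan` line stays in VLAN 1.

```python
import ipaddress

# Constructed sample: a trimmed version of the page's commands with two deliberate
# mistakes: a mistyped DHCP pool end and a hypothetical Vlan 3 (dmz) with no port.
SAMPLE = """\
interface Vlan 1
nameif inside
ip address 10.12.1.100 255.255.255.0
interface Vlan 2
nameif outside
ip address pppoe setroute
interface Vlan 3
nameif dmz
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
switchport access vlan 1
dhcpd address 10.12.1.1-10.1.1.10 inside
"""

def audit(config):
    """Return findings for VLAN/port assignment and DHCP pool placement."""
    nets, names, ports, findings, cur = {}, {}, {}, [], ""
    for words in (l.split() for l in config.splitlines() if l.strip()):
        if words[0] == "interface":
            cur = "".join(words[1:])              # "Vlan 1" -> "Vlan1"
            if not cur.startswith("Vlan"):
                ports[cur] = 1                    # assumed default access VLAN
        elif cur.startswith("Vlan") and words[0] == "nameif":
            names[words[1]] = cur
        elif cur.startswith("Vlan") and words[:2] == ["ip", "address"] and len(words) == 4:
            try:   # static address and mask; "pppoe setroute" does not parse
                nets[cur] = ipaddress.ip_interface(f"{words[2]}/{words[3]}").network
            except ValueError:
                pass
        elif words[:3] == ["switchport", "access", "vlan"]:
            ports[cur] = int(words[3])
        elif words[:2] == ["dhcpd", "address"]:
            first, last = (ipaddress.ip_address(a) for a in words[2].split("-"))
            net = nets.get(names.get(words[3]))
            if net is None or first not in net or last not in net:
                findings.append(f"dhcpd pool {words[2]} is not within {words[3]} ({net})")
    for nameif, vlan in names.items():
        if int(vlan[4:]) not in ports.values():
            findings.append(f"{vlan} ({nameif}) has no switch port assigned")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Run it against the text of a saved configuration before pasting the commands into the firewall; an empty result means both checks passed.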


Rick Donato
