ASA 5505 Example Configuration

Below is an example of a basic configuration for an ASA 5505 Firewall. The main difference between the other ASAs is that with the 5505 you have 10 ports which are not assigned to their own bridge groups. So you need to configure you VLANs and then assign you ports to your VLANs.

Please Notes :

  • This article is still in draft so is yet not fully complete.
  • These are the commands which were run after running the command `config factory-default`
hostname asa

mtu outside 1492
vpdn group ISP request dialout pppoe
vpdn group ISP localname [login]
vpdn group ISP ppp authentication chap
vpdn username [login] password [password]

interface Vlan 1
nameif inside
security-level 100
ip address
no shut

interface Vlan 2
nameif outside
security-level 0
pppoe client vpdn group ISP
ip address pppoe setroute
no shut

interface Ethernet0/0
switchport access vlan 2
no shut

interface Ethernet0/1
switchport access vlan 1
no shut

global (outside) 1 interface
nat (inside) 1

dhcpd address inside
dhcpd dns [dns server 1] [dns server 2]
dhcpd lease 3600
dhcpd enable inside

crypto key generate rsa modulus 1024
ssh inside
ssh scopy enable

access-list  acl-outside deny ip any any
access-list  acl-inside permit ip any any

access-group acl-outside in interface outside
access-group acl-inside in interface inside

policy-map global_policy
class inspection_default
inspect icmp

enable password [password]
username [username] password [password] privilege 15
aaa authorization command LOCAL
aaa authentication ssh console LOCAL

Tags: ASA

About the Author


R Donato

Rick Donato is the Founder and Chief Editor of He currently works as an SDN/NFV Solutions Architect and has a keen interest in automation and the cloud.

You can find Rick on Twitter @f3lix001