
ASA 5505 Example Configuration

Below is an example of a basic configuration for an ASA 5505 firewall. The main difference from the other ASAs is that the 5505 has 10 ports which are not assigned to their own bridge groups, so you need to configure your VLANs and then assign your ports to those VLANs.

Please note:

  • This article is still in draft, so it is not yet fully complete.
  • These are the commands which were run after running the command `config factory-default`
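
```
hostname asa

! PPPoE dial-out settings for the ISP connection
mtu outside 1492
vpdn group ISP request dialout pppoe
vpdn group ISP localname [login]
vpdn group ISP ppp authentication chap
vpdn username [login] password [password]

! Inside VLAN interface (trusted side, security-level 100)
interface Vlan 1
nameif inside
security-level 100
ip address 10.12.1.100 255.255.255.0
no shut
exit

! Outside VLAN interface, addressed over PPPoE; setroute installs the default route
interface Vlan 2
nameif outside
security-level 0
pppoe client vpdn group ISP
ip address pppoe setroute
no shut
exit

! Assign the physical switch ports to their VLANs
interface Ethernet0/0
switchport access vlan 2
no shut
exit

interface Ethernet0/1
switchport access vlan 1
no shut
exit

! Dynamic PAT of the inside subnet to the outside interface address (pre-8.3 NAT syntax)
global (outside) 1 interface
nat (inside) 1 10.12.1.0 255.255.255.0

! DHCP server for inside clients; the pool must sit inside the inside subnet
dhcpd address 10.12.1.1-10.12.1.10 inside
dhcpd dns [dns server 1] [dns server 2]
dhcpd lease 3600
dhcpd enable inside

! SSH and SCP management from the inside subnet only.
! A 1024-bit RSA key is weak by current standards; prefer modulus 2048.
crypto key generate rsa modulus 1024
ssh 10.12.1.0 255.255.255.0 inside
ssh scopy enable

! Interface ACLs, applied inbound on each interface
access-list acl-outside deny ip any any
access-list acl-inside permit ip any any

access-group acl-outside in interface outside
access-group acl-inside in interface inside

! Inspect ICMP so that replies to inside hosts are allowed back through
policy-map global_policy
class inspection_default
inspect icmp
exit

! Local accounts; command authorization and SSH logins use the LOCAL database
enable password [password]
username [username] password [password] privilege 15
aaa authorization command LOCAL
aaa authentication ssh console LOCAL
```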
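
The VLAN and port relationship described above is easy to get wrong by one digit, so it is worth checking a configuration before pasting it in. The following is an added example, not part of the original article or any Cisco tool: a small Python check that every switch port's access VLAN has a named Vlan interface, that the `dhcpd address` pool lies inside that interface's subnet, and that the RSA modulus is at least 2048 bits (the threshold, the `audit` function and the sample text are this example's own assumptions).

```python
import ipaddress
import re

# Constructed sample (not a real device): Ethernet0/2 points at an undefined
# VLAN, the DHCP pool ends outside the inside subnet, and the RSA key is short.
SAMPLE = """\
interface Vlan 1
nameif inside
ip address 10.12.1.100 255.255.255.0
interface Vlan 2
nameif outside
ip address pppoe setroute
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/2
switchport access vlan 3
dhcpd address 10.12.1.1-10.1.1.10 inside
crypto key generate rsa modulus 1024
"""

def audit(config):
    """Return a list of findings for an ASA 5505 style config (helper for this example)."""
    vlans, ports, pools, findings = {}, [], [], []
    cur = svi = None
    for line in map(str.strip, config.splitlines()):
        if m := re.match(r"interface\s+(.+)", line, re.I):
            cur = m.group(1).replace(" ", "")
            svi = vlans.setdefault(cur[4:], {}) if cur.lower().startswith("vlan") else None
        elif svi is not None and (m := re.match(r"nameif\s+(\S+)", line)):
            svi["name"] = m.group(1)
        elif svi is not None and (m := re.match(r"ip address\s+([\d.]+)\s+([\d.]+)", line)):
            svi["net"] = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}").network
        elif m := re.match(r"switchport access vlan\s+(\d+)", line):
            ports.append((cur, m.group(1)))
        elif m := re.match(r"dhcpd address\s+([\d.]+)-([\d.]+)\s+(\S+)", line):
            pools.append(m.groups())
        elif m := re.match(r"crypto key generate rsa modulus\s+(\d+)", line):
            if int(m.group(1)) < 2048:  # assumed minimum for this example
                findings.append(f"RSA modulus {m.group(1)} is below 2048 bits")
    for port, vid in ports:
        if "name" not in vlans.get(vid, {}):
            findings.append(f"{port}: access VLAN {vid} has no named Vlan interface")
    nets = {v["name"]: v.get("net") for v in vlans.values() if "name" in v}
    for start, end, name in pools:
        for addr in (start, end):
            if nets.get(name) is None or ipaddress.ip_address(addr) not in nets[name]:
                findings.append(f"dhcpd pool address {addr} is outside {name} ({nets.get(name)})")
    return findings

if __name__ == "__main__": print("\n".join(audit(SAMPLE)))
```

Interfaces addressed by PPPoE have no static subnet, so a DHCP pool bound to one of them is reported as outside the interface.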


Tags: ASA

About the Author

Rick Donato is the Founder and Chief Editor of Fir3net.com. He currently works as a Principal Network Security Engineer and has a keen interest in automation and the cloud.

You can find Rick on Twitter @f3lix001