![enable telnet cisco asa 5505 asdm enable telnet cisco asa 5505 asdm](https://slideplayer.com/slide/5675510/18/images/87/Startup+Wizard+-+Step+8+of+9.jpg)
In this example I will attach the interface “Ethernet 0” to the outside VLAN (VLAN 2) and make the port operational.ĮxampleASA(config)# interface ethernet0/0ĮxampleASA(config-if)# switchport access vlan 2 Now we need to attach the outside VLAN to one of the interfaces of the ASA.īy default all the interfaces are attached to VLAN 1 and by default all the interfaces are in the “shutdown” state. With this command you dont need to configure a default gateway since you will get this from your provider. If your provider gives you a IP address trough DHCP the configuration is a little easier.ĮxampleASA(config-if)# ip address dhcp setroute You also need to make a static route if your provider supplied you with a static IP address. INFO: Security level for outside set to 0 by default.ĮxampleASA(config)# route outside 0.0.0.0 0.0.0.0 212.115.192.192Īs you can see the ASA sets the security level of the interface called outside to 0. Now we will start on the outside (WAN) configuration.ĭepending on the provider you might have to do this a little bit different but I will start with a static IP address first.ĮxampleASA(config-if)# ip address 212.115.192.193 255.255.255.248 This means that no one from the outside can start a session to the inside. With security levels you can always go from high (100) to low (0) but never the other way around unless configured otherwise. INFO: Security level for "inside" set to 100 by default.Īll the ASA devices work with security levels that you apply to VLANs/interfaces. With the ASA 5505 you work with VLANs instead of assigning IP addresses to actual interfaces. Now that this is done we will configure the inside (LAN) address of the ASA.
ENABLE TELNET CISCO ASA 5505 ASDM FULL
Privilege 15 is the highest of the privileges and gives you full control over the device. Setting your privilege to 15 is very important if you’re the one that is going to manage the ASA.
ENABLE TELNET CISCO ASA 5505 ASDM PASSWORD
Now we will set a username and password so you can actually manage the ASA from your desk with SSH/Telnet/ASDM.ĮxampleASA(config)# username example password example privilege 15 Now we will give our ASA another hostname.Īs you can see the hostname changes immediately. Notice the (config) behind the device hostname. You can do this by issuing the command “configure terminal” The 1st thing you want to do is get into configuration mode. Now enter enabled mode (look up if you forgot how to) and issue the command “show running-config“. Pre-configure Firewall now through interactive prompts ?Īnswer with “no” since you want to configure the ASA yourself (you want to be a cisco engineer right ?). Now when your router is restarted you will get this question: You will use the “reload” command for this. Now that you erased your startup configuration you will need to reload the ASA to get a clean configuration. You will be prompted to confirm that you want to erase the configuration. You might wonder why but there is a lot of stuff in that configuration that you don’t need/want and could even cause some network issues if you connected it to your network (DHCP).Įrase configuration in flash memory? This will delete all the default configuration Cisco made for you. The 1st thing you want to do is type the command “write erase”. Simply hit enter here because there is no enable password configured. Here you type the command “enable” to get in enabled mode.Īs you can see you will get a password prompt. Type help or '?' for a list of available commands.
![enable telnet cisco asa 5505 asdm enable telnet cisco asa 5505 asdm](https://i.stack.imgur.com/CF5Vy.png)
Interface Vlan2nameif outside 对端口命名外端口security-level 0 设置端口等级ip address X.X.X.X 24 调试外网地址!interface Vlan3nameif inside 对端口命名内端口security-level 100 调试外网地址ip address 设置端口等级!interface Ethernet0/0switchport access vlan 2 设置端口VLAN与VLAN2绑定!interface Ethernet0/1switchport access vlan 3 设置端口VLAN与VLAN3绑定!interface Ethernet0/2shutdown!interface Ethernet0/3shutdown!interface Ethernet0/4shutdown!interface Ethernet0/5shutdown!interface Ethernet0/6shutdown!interface Ethernet0/7shutdown!passwd 2KFQnbNIdI.2KYOU encryptedftp mode passivedns domain-lookup insidedns server-group DefaultDNSname-server 10name-server 15access-list 102 extended permit icmp any any 设置ACL列表(允许ICMP全部通过)access-list 102 extended permit ip any any 设置ACL列表(允许所有IP全部通过)pager lines 24mtu outside 1500 mtu inside 1500icmp unreachable rate-limit 1 burst-size 1no asdm history enablearp timeout 14400global (outside) 1 interface 设置NAT地址映射到外网口nat (inside) 1 NAT地址池(所有地址)access-group 102 in interface outside 设置ACL列表绑定到外端口route outside x.x.x.When you open the box containing your new ASA 5505 and plug in your console you will see the following: