Wednesday, September 18, 2013

ASA 5505 BASIC CONFIGURATION

ASA 5505 Basic Configurations



ISP Provider gives WAN IP: 105.108.52.151 /27

ISP Default Gateway 105.108.52.129


LAN Your Local Area Network IP:  10.2.1.0 /24

ASA inside IP 10.2.1.1 subnet mask 255.255.255.0



ASA# config t

ASA (config) # hostname BabuASA5505

BabuASA5505 (config) # domain-name babu.com

BabuASA5505 (config) #enable password xxx

Default E0/1 to E0/7 all interface configured with VLAN1 and E0/0 configured with VLAN2 Factory 

default configuration (Pre-configured).


BabuASA5505 (config) # interface Vlan1
BabuASA5505 (config) # nameif inside
BabuASA5505 (config) # security-level 100
BabuASA5505 (config) # ip address 10.2.1.1 255.255.255.0
BabuASA5505 (config) # no shutdown


BabuASA5505 (config) # interface Vlan2
BabuASA5505 (config) # nameif outside
BabuASA5505 (config) # security-level 0
BabuASA5505 (config) # ip address 105.108.52.151 255.255.255.224
BabuASA5505 (config) # no shutdown


BabuASA5505 (config) # interface Ethernet0/0
BabuASA5505 (config) # switch-port access vlan2


BabuASA5505 (config) #interface Ethernet0/1
BabuASA5505 (config) # no shutdown


interface Ethernet0/2
Shutdown
!
interface Ethernet0/3
Shutdown
!
interface Ethernet0/4
Shutdown
!
interface Ethernet0/5
Shutdown
!
interface Ethernet0/6
Shutdown
!
interface Ethernet0/7
Shutdown


NAT Configuration:

Permit specific LAN Network to have WAN Access

BabuASA5505 (config) # nat (inside) 1 10.2.1.0 255.255.255.0 0.0

Or

Default all network to have WAN Access (All LAN subnet to have access WAN).

BabuASA5505 (config) # nat (inside) 1 0.0.0.0 0.0.0.0 0.0



Specify WAN (for NAT /PAT) ip address of the LAN network you can specify ip address or

range of ip addresses or WAN interface.


BabuASA5505 (config) # global (outside) 1 interface


Note: both NAT, Global using No. 1 (parameter), when NAT/PAT doing based on this

Parameter, same parameter then only translation will happen.

Configure default route:

BabuASA5505 (config) # route outside 0.0.0.0 0.0.0.0 105.108.52.129 1

Here 105.108.52.129 is the ISP default gateway address. 1 – Administrative distance. it is 

optional.

at
Labels:

1 comment:

Subscribe to: Post Comments (Atom)