Questions

How do I configure a Cisco ASA 5510 for Internet Access

+
0 Votes
Locked

How do I configure a Cisco ASA 5510 for Internet Access

daniel.maisu
I am new to the Cisco ASA 5510 and want to configure it so everyone on it's inside interface has internet access.

Please give me a basic configuration steps on what to do. A sample config would help very much...
+
0 Votes
jkofinas

Step1: Configure a privileged level password (enable password)

By default there is no password for accessing the ASA firewall, so the first step before doing anything else is to configure a privileged level password, which will be needed to allow subsequent access to the appliance. Configure this under Configuration Mode:

ASA5510(config)# enable password mysecretpassword

Step2: Configure the public outside interface

ASA5510(config)# interface Ethernet0/0

ASA5510(config-if)# nameif outside

ASA5510(config-if)# security-level 0

ASA5510(config-if)# ip address 100.100.100.1 255.255.255.252

ASA5510(config-if)# no shut

Step3: Configure the trusted internal interface

ASA5510(config)# interface Ethernet0/1

ASA5510(config-if)# nameif inside

ASA5510(config-if)# security-level 100

ASA5510(config-if)# ip address 192.168.10.1 255.255.255.0

ASA5510(config-if)# no shut

Step 4: Configure PAT on the outside interface

ASA5510(config)# global (outside) 1 interface

ASA5510(config)# nat (inside) 1 0.0.0.0 0.0.0.0

Step 5: Configure Default Route towards the ISP (assume default gateway is 100.100.100.2)

ASA5510(config)# route outside 0.0.0.0 0.0.0.0 100.100.100.2 1

Step 6: Configure the firewall to assign internal IP and DNS address to hosts using DHCP

ASA5510(config)# dhcpd dns 200.200.200.10

ASA5510(config)# dhcpd address 192.168.10.10-192.168.10.200 inside

ASA5510(config)# dhcpd enable inside

The above basic configuration is just the beginning for making the appliance operational. There are many more configuration features that you need to implement to increase the security of your network, such as Static and Dynamic NAT, Access Control Lists to control traffic flow, DMZ zones, VPN etc.

BTW I pulled this info from another site... I was just toooo lazy to type it all out myself:-)

Cheers
John

+
0 Votes
daniel.maisu

Thanks for the info. I will try it out and see if I can access the internet through the ASA.