In this article you will learn how to configure a Cisco ASA 5510 firewall. It is a basic configuration of the Cisco ASA firewall. A firewall is used to secure the internal network from external networks. Attackers try to access the internal network from the Internet (the external network), so a firewall needs to be deployed in the network. We will configure the firewall based on a scenario.
- Cisco ASA Firewall Interfaces Configuration
- Default Route Configuration
CISCO ASA Firewall Basic Configuration Guide
1. First of all, connect the console cable to the console port, then type the enable command and press Enter, because by default no password is configured for enable mode.
2. Now type the write erase command to remove the default Cisco configuration, then press Y to confirm.
3. Now you will have to reboot the firewall: type the reload command and hit Enter, then press Y to confirm.
4. After the restart, the firewall will ask the question below.
Pre-configure Firewall now through interactive prompts [Yes]?
Now type "No" because you have to configure it yourself.
5. Now change the host name of your ASA firewall.
Note- By default the ASA firewall does not inspect ICMP traffic. To inspect ICMP traffic, follow the steps below…
ASA Firewall Interface Configuration
Before configuring the interfaces, we have to determine the firewall interfaces and zones: which interface is for the internal network and which is for the Internet. Find the interface details below.
ASA Inside Interface Configuration
Note- By default the security level of the Inside interface is 100.
ASA DMZ Interface Configuration
ASA Outside Interface Configuration
The interface configuration is now done. By default, traffic will pass from a higher security level to a lower security level without any access list. This means that an Inside user can access the DMZ server and the Internet, but an Internet user cannot access the DMZ server or the Inside network.
ASA Default Route Configuration
Now you will have to configure a default route to access the Internet from the Inside network. In my case the default gateway address is 22.214.171.124.
Now you can access the Internet and the DMZ server from the Inside network with an Access List. Now check connectivity by pinging the Internet address 126.96.36.199 from the internal LAN.
Enable Telnet In CISCO ASA
You will have to enable Telnet on the Cisco firewall so that it can be managed from your Inside network. You can allow the entire network or a specific host.
Now you can telnet to your firewall's IP address 192.168.1.1 from your internal LAN and configure your firewall. This Cisco ASA Firewall Basic Configuration Guide will help you in your network security career. These are the first steps with an ASA firewall, so every network security engineer must know the basic configuration of the ASA.
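
The steps above as one ASA CLI sequence. This is an added example, not the original article's configuration. The hostname, the Ethernet0/x port assignment, the /24 inside mask, the DMZ address and its security level 50, the management host 192.168.1.10 and the outside address placeholder are assumptions; 192.168.1.1, the Inside level 100 and the gateway 22.214.171.124 come from the article.

```cisco
! Added example. Values marked "assumed" are not from the article.
enable
configure terminal
! Assumed hostname
hostname ASA-FW
!
! Inspect ICMP so that echo replies to inside hosts are allowed back in.
! global_policy and inspection_default are the ASA's default policy-map
! and class names.
policy-map global_policy
 class inspection_default
  inspect icmp
!
! Outside (Internet) zone, lowest trust. Port assignment assumed.
! Placeholder address: use one in the same subnet as the default gateway.
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address <OUTSIDE_IP> <OUTSIDE_MASK>
 no shutdown
!
! Inside (internal LAN) zone. Security level 100 is the default for "inside".
! The /24 mask is assumed.
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
 no shutdown
!
! DMZ zone. Level and address assumed; any level between 0 and 100
! places the DMZ between outside and inside.
interface Ethernet0/2
 nameif dmz
 security-level 50
 ip address 172.16.1.1 255.255.255.0
 no shutdown
!
! Default route through the outside interface to the article's gateway
route outside 0.0.0.0 0.0.0.0 22.214.171.124
!
! Telnet management from the inside interface. Use one of the two forms:
! the entire inside network ...
telnet 192.168.1.0 255.255.255.0 inside
! ... or a specific management host (assumed address)
telnet 192.168.1.10 255.255.255.255 inside
!
! Save the running configuration
write memory
```

To check the result, show interface ip brief, show route and show running-config telnet list the interface addresses, the default route and the hosts allowed to telnet.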