Posts tagged asdm

cisco: ASA 5510 basic setup
posted on 2016-02-29 22:49:46

This is almost the same posting as the previous one on setting up the 5505, but with some adjustments.

To have a very basic and usable ASA device after a factory reset, you might consider the commands presented in the following. These were entered into the device via a serial connection to the console port.

Usually this connection's speed is 9600 baud 8N1, in case you wonder.

ASDM will be available in LAN, not just via the Management port. Further there private IP networks being used for ingress and egress networks.

first aid

  • Use TAB to expand all the mentioned commands.
  • Use ? to show available commands.
  • In (config), use sh run to show your current configuration.

In case you need more in depth info, here is the original page from cisco.

modes

There are several modes, in very short:

  • EXEC = only most basic commands ('>' prompt)
  • privileged EXEC = you can now reboot and possibly change config ('#' prompt, enter via ena)
  • config = you can change configuration ('(config)' prompt, enter via conf t)

first steps upon fresh connect after a factory reset

! ! denotes comments and do not need being entered

! privileged mode
ena
! hit enter, initially no password needed

! now enter configure mode
conf t

! which box are we working on?
ho <hostname>

! set enable password
! can be used later for ASDM, too, which username being omitted
ena p <password>

set external and interal networks onto physical port

! maybe instead of 'E' you need 'G' for gigabit interfaces
in E 0/0
no shut
sec 0
ip ad 10.0.0.1 255.255.255.0
nameif OUTSIDE

in E 0/1
no shut
sec 100
ip ad 192.168.0.1 255.255.255.0
nameif INSIDE

! management IF, in case you want it
!in M 0/0

!exit
q

ASDM

! enable asdm...
ht s en

! ... from LAN
ht 192.168.0.0 255.255.255.0 INSIDE

save and reboot

wr mem
rel

ASA's are painful to maintain.

cisco: ASA 5505 basic setup
posted on 2016-02-29 22:49:46

To have a very basic and usable ASA device after a factory reset, you might consider the commands presented in the following. These were entered into the device via a serial connection to the console port.

Usually this connection's speed is 9600 baud 8N1, in case you wonder.

ASDM will be available in LAN, not just via the Management port. Further there private IP networks being used for ingress and egress networks.

first aid

  • Use TAB to expand all the mentioned commands.
  • Use ? to show available commands.
  • In (config), use sh run to show your current configuration.

modes

There are several modes, in very short:

  • EXEC = only most basic commands ('>' prompt)
  • privileged EXEC = you can now reboot and possibly change config ('#' prompt, enter via ena)
  • config = you can change configuration ('(config)' prompt, enter via conf t)

first steps upon fresh connect after a factory reset

! ! denotes comments and do not need being entered

! privileged mode
ena
! hit enter, initially no password needed

! now enter configure mode
conf t

! which box are we working on?
ho <hostname>

! set enable password
! can be used later for ASDM, too, which username being omitted
ena p <password>

create VLAN for external and interal network

in Vlan1
 nameif OUTSIDE
 sec 1
 ip ad 10.0.0.1 255.255.255.0

in Vlan10
 nameif INSIDE
 sec 100
 ip ad 192.168.1.1 255.255.255.0

! exit
q

set vlans for your physical interfaces

! first your uplink
in E 0/0
 no shut
 sw a v 1

! now the others
in E 0/1
 no shut
 sw a v 10

in E 0/2
 no shut
 sw a v 10

in E 0/3
 no shut
 sw a v 10

! of course you can do it for all others, too, if you want
! else:
q

ASDM

! enable asdm...
ht s en

! ... from LAN
ht 192.168.1.0 255.255.255.0 INSIDE

save and reboot

wr mem
rel

ASA's are painful to maintain.

This blog covers .csv, .htaccess, .pfx, .vmx, /etc/crypttab, /etc/network/interfaces, /etc/sudoers, /proc, 10.04, 14.04, AS, ASA, ControlPanel, DS1054Z, GPT, HWR, Hyper-V, IPSEC, KVM, LSI, LVM, LXC, MBR, MTU, MegaCli, PHP, PKI, R, RAID, S.M.A.R.T., SNMP, SSD, SSL, TLS, TRIM, VEEAM, VMware, VServer, VirtualBox, Virtuozzo, XenServer, acpi, adaptec, algorithm, ansible, apache, apachebench, apple, arcconf, arch, architecture, areca, arping, asa, asdm, awk, backup, bandit, bar, bash, benchmarking, binding, bitrate, blackarmor, blowfish, bochs, bond, bonding, booknotes, bootable, bsd, btrfs, buffer, c-states, cache, caching, ccl, centos, certificate, certtool, cgdisk, cheatsheet, chrome, chroot, cisco, clamav, cli, clp, clush, cluster, coleslaw, colorscheme, common lisp, console, container, containers, controller, cron, cryptsetup, csync2, cu, cups, cygwin, d-states, database, date, db2, dcfldd, dcim, dd, debian, debug, debugger, debugging, decimal, desktop, df, dhclient, dhcp, diff, dig, display manager, dm-crypt, dmesg, dmidecode, dns, docker, dos, drivers, dtrace, dtrace4linux, du, dynamictracing, e2fsck, eBPF, ebook, efi, egrep, emacs, encoding, env, error, ess, esx, esxcli, esxi, ethtool, evil, expect, exportfs, factory reset, factory_reset, factoryreset, fail2ban, fbsd, fedora, file, filesystem, find, fio, firewall, firmware, fish, flashrom, forensics, free, freebsd, freedos, fritzbox, fsck, fstrim, ftp, ftps, g-states, gentoo, ghostscript, git, git-filter-branch, github, gitolite, gnutls, gradle, grep, grml, grub, grub2, guacamole, hardware, haskell, hdd, hdparm, hellowor, hex, hexdump, history, howto, htop, htpasswd, http, httpd, https, i3, icmp, ifenslave, iftop, iis, imagemagick, imap, imaps, init, innoDB, inodes, intel, ioncube, ios, iostat, ip, iperf, iphone, ipmi, ipmitool, iproute2, ipsec, iptables, ipv6, irc, irssi, iw, iwconfig, iwlist, iwlwifi, jailbreak, jails, java, javascript, javaws, js, juniper, junit, kali, kde, kemp, kernel, keyremap, kill, kpartx, krypton, lacp, lamp, languages, ldap, ldapsearch, less, leviathan, liero, lightning, links, linux, linuxin3months, lisp, list, livedisk, lmctfy, loadbalancing, locale, log, logrotate, looback, loopback, losetup, lsblk, lsi, lsof, lsusb, lsyncd, luks, lvextend, lvm, lvm2, lvreduce, lxc, lxde, macbook, macro, magento, mailclient, mailing, mailq, manpages, markdown, mbr, mdadm, megacli, micro sd, microsoft, minicom, mkfs, mktemp, mod_pagespeed, mod_proxy, modbus, modprobe, mount, mouse, movement, mpstat, multitasking, myISAM, mysql, mysql 5.7, mysql workbench, mysqlcheck, mysqldump, nagios, nas, nat, nc, netfilter, networking, nfs, nginx, nmap, nocaps, nodejs, numberingsystem, numbers, od, onyx, opcode-cache, openVZ, openlierox, openssl, openvpn, openvswitch, openwrt, oracle linux, org-mode, os, oscilloscope, overview, parallel, parameter expansion, parted, partitioning, passwd, patch, pdf, performance, pfsense, php, php7, phpmyadmin, pi, pidgin, pidstat, pins, pkill, plesk, plugin, posix, postfix, postfixadmin, postgres, postgresql, poudriere, powershell, preview, profiling, prompt, proxmox, ps, puppet, pv, pvecm, pvresize, python, qemu, qemu-img, qm, qmrestore, quicklisp, r, racktables, raid, raspberry pi, raspberrypi, raspbian, rbpi, rdp, redhat, redirect, registry, requirements, resize2fs, rewrite, rewrites, rhel, rigol, roccat, routing, rs0485, rs232, rsync, s-states, s_client, samba, sar, sata, sbcl, scite, scp, screen, scripting, seafile, seagate, security, sed, serial, serial port, setup, sftp, sg300, shell, shopware, shortcuts, showmount, signals, slattach, slip, slow-query-log, smbclient, snmpget, snmpwalk, software RAID, software raid, softwareraid, sophos, spacemacs, spam, specification, speedport, spi, sqlite, squid, ssd, ssh, ssh-add, sshd, ssl, stats, storage, strace, stronswan, su, submodules, subzone, sudo, sudoers, sup, swaks, swap, switch, switching, synaptics, synergy, sysfs, systemd, systemtap, tar, tcpdump, tcsh, tee, telnet, terminal, terminator, testdisk, testing, throughput, tmux, todo, tomcat, top, tput, trafficshaping, ttl, tuning, tunnel, tunneling, typo3, uboot, ubuntu, ubuntu 16.04, udev, uefi, ulimit, uname, unetbootin, unit testing, upstart, uptime, usb, usbstick, utf8, utm, utm 220, ux305, vcs, vgchange, vim, vimdiff, virtualbox, virtualization, visual studio code, vlan, vmstat, vmware, vnc, vncviewer, voltage, vpn, vsphere, vzdump, w, w701, wakeonlan, wargames, web, webdav, weechat, wget, whois, wicd, wifi, windowmanager, windows, wine, wireshark, wpa, wpa_passphrase, wpa_supplicant, x2x, xfce, xfreerdp, xmodem, xterm, xxd, yum, zones, zsh

View posts from 2017-02, 2017-01, 2016-12, 2016-11, 2016-10, 2016-09, 2016-08, 2016-07, 2016-06, 2016-05, 2016-04, 2016-03, 2016-02, 2016-01, 2015-12, 2015-11, 2015-10, 2015-09, 2015-08, 2015-07, 2015-06, 2015-05, 2015-04, 2015-03, 2015-02, 2015-01, 2014-12, 2014-11, 2014-10, 2014-09, 2014-08, 2014-07, 2014-06, 2014-05, 2014-04, 2014-03, 2014-01, 2013-12, 2013-11, 2013-10


Unless otherwise credited all material Creative Commons License by sjas