Some basic commands
ciscoasa#show run | include username
ciscoasa#show interface ip brief
ciscoasa#show route
ciscoasa#show nat
ciscoasa#show xlate
ciscoasa#show xlate detail
ciscoasa#show access-list
ciscoasa#show run object
ciscoasa#show dhcpd binding
ciscoasa#show dhcpd state
ciscoasa#show dhcpd statistics
To Login
ciscoasa> enable
Password:
To Set Username and Password
ciscoasa(config)# username admin privilege 15
ciscoasa(config)# username admin password bdlvl987
To Configure Ip Address
Create Outside:
ciscoasa#configure terminal
ciscoasa(config)# interface management 0/0
ciscoasa(config-if)# security-level 0
ciscoasa(config-if)# nameif outside
ciscoasa(config-if)# ip address 172.16.10.2 255.255.255.240
ciscoasa(config-if)# no shut
Create Inside:
ciscoasa(config)# interface gig 0/0
ciscoasa(config-if)# security-level 100
ciscoasa(config-if)# nameif intside
ciscoasa(config-if)# ip address 192.168.1.1 255.255.255.0
ciscoasa(config-if)# no shut
Create static Route:
ciscoasa(config)# route outside 0.0.0.0 0.0.0.0 172.16.10.1
ciscoasa(config)# http server enable
ciscoasa(config)# http 0.0.0.0 0.0.0.0 outside
NAT Configuration
Create Objects for NAT
ciscoasa(config)#object network LAN
ciscoasa(config-network-object)# subnet 192.168.1.0 255.255.255.0
ciscoasa(config-network-object)# nat (inside,outside) dynamic interface
ciscoasa(config-network-object)# exit
Create Access-List to get internet for LAN
ciscoasa(config)# access-list LAN_Nat extended permit tcp any any
ciscoasa(config)# access-list LAN_Nat extended permit icmp any any
ciscoasa(config)# access-group LAN_Nat in interface outside
DHCP Configuration
ciscoasa(config)#interface gig 0/0
ciscoasa(config-if)#dhcpd address 192.168.1.2-192.168.1.254 inside
ciscoasa(config)#dhcpd lease 3600 <in seconds>
ciscoasa(config)#dhcpd enable inside
DNS Configuration
ciscoasa(config)#dns domain-lookup inside
ciscoasa(config)#dhcpd dns 8.8.8.8
ciscoasa(config)#dns name-server 8.8.8.8
The use of Security Level:
Security level can be used from 0 to 100. but the uses of these are as below-
0 is used for Outside <Most secure>
100 is used for Inside <Low secure>
1-99 are used for DMZ
GUI mode or Browse with http://ipaddress:
Install java and ASDM software
*****
0 Comments