If you are new users of Cisco ASA 5500-X Series Next-Generation Firewalls, are you familiar with the ASA 5500-X Series configuration? There are different Cisco ASA CX models available in a wide range of sizes, for small offices, branch locations, and Internet-edge deployments.
In this article, we will share the simple start guide of Cisco ASA 5500-X Series, including the model ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, and ASA 5555-X.
First of all, let’s check the main package contents of ASA 5512-X, ASA 5515-X, or ASA 5525-X, ASA 5545-X and ASA 5555-X.
ASA 5512-X, ASA 5515-X, or ASA 5525-X
ASA 5545-X and ASA 5555-X
Note: The contents are subject to change, and your exact contents might contain additional or fewer items.
Power on the ASA
The power turns on automatically when you plug in the power cable; do not press the power button on the front panel. (For older models, the power does not turn on automatically; check the hardware installation guide for more information).
3. Check the Status LED on the front of the ASA; after it is solid green, the system has passed power-on diagnostics.
Modify the Initial Configuration for the Software Module (Optional)
The ASA ships with a default configuration that enables Adaptive Security Device Manager (ASDM) connectivity to the Management 0/0 interface. When you use a software module such as the ASA FirePOWER module, we recommend that you do not use the default configuration, which can preclude the module from reaching the Internet for updates. This section describes how to apply a new configuration so the module can access the Internet. This configuration also enables a basic usable configuration for an inside and outside network.
The following figure shows the suggested network deployment for the ASA 5500-X with a software module:
Note: If you have an inside router instead of a switch, you can skip this section and instead configure the ASA to route between management and an inside network. In this case, configure the ASA and the module Management 0/0 IP addresses to be on the same network. Be sure to configure appropriate routes on the ASA and on the module so the management network can reach the inside network, and vice versa.
This procedure lets you connect to the ASA console port and paste in a new configuration that configures the following behavior:
- inside --> outside traffic flow
- outside IP address from DHCP
- DHCP for clients on inside
- Management 0/0 interface is Up, but otherwise unconfigured. The software module can then use this interface to access the ASA inside network and use the inside interface as the gateway to the Internet.
- ASDM access on the inside interface
To achieve the above configuration, perform the following steps.
1. Connect your computer to the ASA console port with the supplied console cable. You might need to use a third party serial-to-USB cable to make the connection.
10. Cable the inside GigabitEthernet 0/1 interface, Management 0/0 interface, and your computer to a Layer 2 Ethernet switch.
12. For software module configuration, see the ASA FirePOWER quick start guide, ASA CX quick start guide, or IPS quick start guide. Use the following network settings for the module:
4. Launch ASDM
Using ASDM, you can use wizards to configure basic and advanced features. ASDM is a graphical user interface that allows you to manage the ASA using a web browser. See the ASDM release notes on Cisco.com for the requirements to run ASDM.
How to…
1. On the computer connected to the ASA, launch a web browser. If you are using the default configuration and did not use 3. Modify the Initial Configuration for the Software Module (Optional), you need to connect the computer to the Management 0/0 interface.
2. In the Address field, enter the following URL: https://192.168.1.1/admin. The Cisco ASDM web page appears.
ASDM-IDM Launcher appears.
…
The Full Cisco ASA 5500-X Series Start Guide you can read the http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/5500X/5500x_quick_start.html
More Related