Cisco ASA 5505 Quick Start Manual

Download Quick start manual of Cisco 5505 - ASA Firewall Edition Bundle Chassis, Firewall for Free or View it Online on All-Guides.com.

Cisco 5505 - ASA Firewall Edition Bundle Quick start manual - Page 1
1
Cisco 5505 - ASA Firewall Edition Bundle Quick start manual - Page 2
2
Before you install the Cisco ASA 5505 Adaptive Security Appliance, please read the Regulatory Compliance and Safety Information
for the Cisco ASA 5500 Series Adaptive Security Appliance document on Cisco.com or in the product CD that ships with the chassis.
1. Verifying the Package Contents
Cisco ASA 5505
Power cable
(US shown)
Power supply adapter
Blue console cable
Yellow Ethernet cable
Security
Services
Card Slot
1
2
CONSOLE
RESET
POWER
48
VDC
7
POWER over ETHERNET
6
5
43
21
0
Documentation
Cisco ASA 5505
Firewall
Product CD
Cisco ASA 5505
Quick Start
Guide
2. Installing the Chassis
The adaptive security appliance ships with a default configuration that includes two preconfigured networks (the Inside network and
the Outside network) and an Inside interface configured with dynamic addressing. Clients on the Inside network obtain a dynamic IP
address from the adaptive security appliance so that they can communicate with each other as well as with devices on the Internet.
Step 1 Connect one end of a yellow straight-through Ethernet cable to port 0 on the adaptive security appliance. (By default, switch
port 0 is the Outside interface.) Connect the other end to a cable/DSL/ISDN modem (the Outside network).
Step 2 Connect your devices (such as PCs, printers, and servers) with straight-through Ethernet cables to ports 1 through 7.
Note Connect a PC to the adaptive security appliance so that you can run Adaptive Security Device Manager (ASDM). See “4.
Initial Configuration Considerations.”
Step 3 Connect PoE devices (such as Cisco IP Phones or network cameras) with straight-through Ethernet cables to switch ports 6 or
7 (the only ports providing power to PoE devices).
If you connect a server (such as a web server) to the adaptive security appliance, you can use ASDM to make services on that server
accessible by internal and external users. See “7. (Optional) Making Internal Services Accessible from the Internet.”
Security
Services
Card Slot
1
2
POWER
48
VDC
7
POWER over ETHERNET 6
543 210
Console
RESET
Por ts 1 − 7
Inside Network Interfaces
Port 0
Outside Network Interface
Internet
ISP Connection
Outside NetworkInside Network
Web ServerCisco IP Phone PC
123
3. Powering on and Verifying Interface Connectivity
Step 1 Connect the power supply adaptor to the power cable.
Step 2 Connect the rectangular connector of the power supply adaptor to the power connector on the rear panel of the adaptive security
appliance.
Step 3 Connect the AC power connector of the power cable to an electrical outlet. (The adaptive security appliance does not have a
power switch. Completing this step powers on the device.)
Step 4 Check the Power LED on the front of the adaptive security appliance; if it is solid green, the device is powered on.
Step 5 If you connected a PC to the adaptive security appliance to run ASDM, restart the PC. (The PC obtains a dynamic IP address
from the adaptive security appliance and must be restarted.)
Step 6 Check the LINK/ACT indicators to verify interface connectivity.
Interface Connectivity
Each Ethernet interface has an LED to indicate a physical link is established. When the LED is solid green, a link is established. When
the LED is flashing green, there is network activity.
If a LINK/ACT LED is not lit, the link could be down due to a duplex mismatch. If auto-negotiation is disabled, verify you are using
a straight-through Ethernet cable.
For a description of all chassis components, see the Cisco ASA 5500 Series Hardware Installation Guide on the product CD or
Cisco.com.
Cisco ASA 5505 series
Adaptive Security Appliance
0
0 0 0 0 0 0 0 0
LINK/ACT
Power Status Active VPN SSC
100 MBPS
LINK/ACT Indicator Power Indicator
4. Initial Configuration Considerations
The adaptive security appliance ships with a default configuration that, in most cases, is sufficient for your basic deployment. You
configure the adaptive security appliance by using Adaptive Security Device Manager (ASDM). ASDM is a graphical interface that allows
you to manage the adaptive security appliance from any location by using a web browser.
However, changing certain settings is recommended or required. For example, you should change the following settings from their
defaults:
The privileged mode (enable) password that is required to administer the adaptive security appliance through ASDM and the CLI
When using the adaptive security appliance as a VPN endpoint (using the SSL VPN features):
The hostname, domain name, and DNS server names
Setting a static Outside interface IP address
Creating an identity certificate
Configuring WINS names when access to Windows file shares is required
Use the Start up Wizard in ASDM to make these changes. See “6. Running the Startup Wizard in ASDM.”
Requirements for Running ASDM
The PC connected to the adaptive security appliance must meet the following requirements to run ASDM.
Operating System and Version Browser
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 2003 Server (English or Japanese)
Microsoft Windows 2000 (Service Pack 4 or higher)
Internet Explorer 6.0 or higher with Sun Java (JRE)
1
5.0 (1.5) or 6.0
Firefox 1.5 or higher with Sun Java (JRE) 5.0 (1.5) or 6.0
1. Obtain Sun Java from java.sun.com.
Apple Macintosh
®
OS X Firefox 1.5 or 2.0 or Safari 2.0 with Java SE Plug-in 1.4.2, 5.0 (1.5.0), or
6.0
2
2. With Apple Macintosh, only 32-bit Java SE will be supported. Currently, this also excludes Java 6. The 32-bit Java can run on a 64-bit Mac OS.
Red Hat Linux Desktop
Red Hat Enterprise Linux WS version 4 running
GNOME or KDE
Firefox 1.5 or higher with Sun Java (JRE) 5.0 (1.5) or 6.0
5. Launching ASDM (Adaptive Security Device Manager)
Step 1 On the PC connected to the adaptive security appliance, launch a web browser. (Verify that Java and JavaScript are enabled in
your web browser. See “Requirements for Running ASDM” for information.)
Step 2 In the Address field, enter the following URL: https://192.168.1.1/admin. The Cisco ASDM web page appears.
Step 3 Click Run Startup Wizard.
Step 4 Click Yes in each dialog box to accept the certificates. The Cisco ASDM-IDM Launcher appears.
Step 5 Leave the username and password fields empty and click OK.
The main ASDM window appears and the Startup Wizard opens. See “6. Running the Startup Wizard in ASDM.”
6. Running the Startup Wizard in ASDM
Run the Startup Wizard to modify the default configuration so that you can customize the security policy to suit your deployment.
To run the Startup Wizard:
Step 1 In the main ASDM window, choose Wizards > Startup Wizard.
Step 2 Follow the instructions in the Startup Wizard to configure your adaptive security appliance.
If you get an error when launching the wizard requesting a DES license or a 3DES-AES license or you want to review your license
information, choose Configuration > Device Management > Licensing.
Step 3 While running the wizard, you can accept the default settings or change them as required. (For information about any wizard
field, click Help in the window.)
After running the Startup Wizard, you can run other wizards to configure remote access with the adaptive security appliance. See “8.
(Optional) Running the IPsec VPN Wizard in ASDM” and “9. (Optional) Running the SSL VPN Wizard in ASDM.”
What you set:
• Hostname
• Domain name
• Administrative
passwords
• IP address of
Outside interface
• Interfaces, such as
DMZ interfaces
• Address translation rules
• Dynamic IP address
settings for Inside interface