1© 2009 Cisco Learning Institute.

09- Configuring Cisco ASA

Ahmed Sultan CCNA | CCNA Security | CCNP Security | JNCIA-Junos | CEH

222© 2009 Cisco Learning Institute.

What is Cisco ASA ?

• ASA in Cisco ASA stands for Adaptive Security Appliance.

• Cisco ASA is a  security device that combines firewall, intrusion prevention, and virtual private network (VPN) capabilities.

• ASA is valuable and flexible in that it can be used as a security solution for both small and large networks.

• Cisco ASA can do the following and more:

- Anti virus

- Anti spam

- IDS/IPS engine

- VPN device

- SSL device

- Content inspection

333© 2009 Cisco Learning Institute.

Cisco ASA Models

444© 2009 Cisco Learning Institute.

ASA Security Levels

555© 2009 Cisco Learning Institute.

Emulate ASA on GNS3 (Lab)

Firewall# config tFirewall(config)# interface Ethernet 0/0Firewall(config-if)# ip address 10.10.10.1 255.255.255.0Firewall(config-if)# nameif Management

Firewall(config-if)# security-level 100Firewall(config-if)# no shutdown

666© 2009 Cisco Learning Institute.

Configure ASA Using ASDM (Lab)

• Make sure your PC is ready to talk to Firewall.

• Copy ASDM image to Firewall (TFTP server).

• Set the Firewall to Load ASDM at next reboot.- Firewall(config)# asdm image flash:asdm-647.bin

- Firewall(config)# http server enable

- Firewall(config)# http 10.10.10.2 255.255.255.255 Management

- Firewall(config)# username ahmedsultan password cisco privilege 15

•  Launch your browser and go to https://10.10.10.1

•  Download and Install ASDM App from website.

777© 2009 Cisco Learning Institute.

Configure ASA Using ASDM (Lab)