Cisco ASA 5505 Configuration Manual

Download or browse on-line these Configuration Manual for Cisco 5505 - ASA Firewall Edition Bundle Chassis, Computer Hardware.

Cisco 5505 - ASA Firewall Edition Bundle Manual Information:

This manual for Cisco 5505 - ASA Firewall Edition Bundle, given in the PDF format, is available for free online viewing and download without logging on. The guide contains 1822 pages, and the size of the file at download is . The document type is Configuration Manual.

Download Manual

This sample of Cisco 5505 - ASA Firewall Edition Bundle Manual is aimed at the following devices list: 5505 - ASA Firewall Edition Bundle, ASA 5580, 5520 - ASA IPS Edition Bundle, ASA 5550, Cisco ASA 5510

More Manuals:

In case you failed to obtain relevant information in this document, please, look through related operating manuals and user instructions for Cisco 5505 - ASA Firewall Edition Bundle. Just click one of the links below to go to the selected manual:

Summary of Contents:

[Page 1] Cisco 5505 - ASA Firewall Edition Bundle

Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Cisco ASA 5500 Series Configuration Guide using ASDM Software Version 6.3, fo...

[Page 2] Cisco 5505 - ASA Firewall Edition Bundle

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY K...

[Page 3] Cisco 5505 - ASA Firewall Edition Bundle

iii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 CONTENTS About This Guide lix Document Objectives lix Audience lix Related Documentation lx Document Conventions lx Obtaining Documentation, Obtaining Support, and Security Guidel...

[Page 4] Cisco 5505 - ASA Firewall Edition Bundle

Contents iv Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Enabling Threat Detection 1-17 Enabling the Botnet Traffic Filter 1-17 Configuring Cisco Unified Communications 1-18 Firewall Mode Overview 1-18 Stateful Inspection Overvi...

[Page 5] Cisco 5505 - ASA Firewall Edition Bundle

Contents v Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Toolbar 3-10 ASDM Assistant 3-10 Status Bar 3-11 Connection to Device 3-11 Device List 3-11 Common Buttons 3-12 Keyboard Shortcuts 3-13 Enabling Extended Screen Reader Supp...

[Page 6] Cisco 5505 - ASA Firewall Edition Bundle

Contents vi Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Preinstalled License 4-12 Permanent License 4-12 Time-Based Licenses 4-12 Time-Based License Activation Guidelines 4-12 How the Time-Based License Timer Works 4-12 How Per...

[Page 7] Cisco 5505 - ASA Firewall Edition Bundle

Contents vii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Configuring ARP Inspection for the Transparent Firewall 5-8 Information About ARP Inspection 5-8 Licensing Requirements for ARP Inspection 5-8 Default Settings 5-9 Guidel...

[Page 8] Cisco 5505 - ASA Firewall Edition Bundle

Contents viii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 System Configuration 6-2 Admin Context Configuration 6-2 How the Security Appliance Classifies Packets 6-3 Valid Classifier Criteria 6-3 Classification Examples 6-4 Casc...

[Page 9] Cisco 5505 - ASA Firewall Edition Bundle

Contents ix Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Prerequisites for the Startup Wizard 7-2 Guidelines and Limitations 7-2 Startup Wizard Screens for ASA 5500 Series Adaptive Security Appliances 7-3 Startup Wizard Screens ...

[Page 10] Cisco 5505 - ASA Firewall Edition Bundle

Contents x Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Editing Static Neighbors 7-26 Deleting Static Neighbors 7-26 Viewing and Clearing Dynamic Neighbors 7-27 Interface Configuration 7-27 Outside Interface Configuration - PPPo...

[Page 11] Cisco 5505 - ASA Firewall Edition Bundle

Contents xi Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Task Flow for Completing Interface Configuration 8-21 Configuring General Interface Parameters 8-22 PPPoE IP Address and Route Settings 8-25 Configuring Advanced Interface...

[Page 12] Cisco 5505 - ASA Firewall Edition Bundle

Contents xii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Feature History for the Master Passphrase 9-9 Configuring the DNS Server 9-10 Defining ASDM Preferences 9-11 Using the ASDM Assistant 9-13 Enabling History Metrics 9-13 S...

[Page 13] Cisco 5505 - ASA Firewall Edition Bundle

Contents xiii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 CHAPTER 12 Configuring Web Cache Services Using WCCP 12-1 Information About WCCP 12-1 Guidelines and Limitations 12-1 Licensing Requirements for WCCP 12-2 Configuring ...

[Page 14] Cisco 5505 - ASA Firewall Edition Bundle

Contents xiv Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 CHAPTER 14 Configuring Public Servers 14-1 Public Server Overview 14-1 Adding a Public Server 14-2 Adding a Public Server that Enables Static NAT 14-2 Adding a Public S...

[Page 15] Cisco 5505 - ASA Firewall Edition Bundle

Contents xv Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 PART 4 Configuring IP Routing CHAPTER 18 Information About Routing 18-1 Information About Routing 18-1 Switching 18-1 Path Determination 18-2 Supported Route Types 18-...

[Page 16] Cisco 5505 - ASA Firewall Edition Bundle

Contents xvi Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Limitations on Configuring a Default Static Route 19-7 Configuring IPv6 Default and Static Routes 19-8 Monitoring a Static or Default Route 19-8 Configuration Examples fo...

[Page 17] Cisco 5505 - ASA Firewall Edition Bundle

Contents xvii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Configuring a Virtual Link in OSPF 21-17 Restarting the OSPF Process 21-19 Configuration Example for OSPF 21-19 Monitoring OSPF 21-20 Feature History for OSPF 21-21 CHAP...

[Page 18] Cisco 5505 - ASA Firewall Edition Bundle

Contents xviii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Enabling EIGRP 23-4 Enabling EIGRP Stub Routing 23-5 Customizing EIGRP 23-6 Defining a Network for an EIGRP Routing Process 23-7 Configuring Interfaces for EIGRP 23-7 C...

[Page 19] Cisco 5505 - ASA Firewall Edition Bundle

Contents xix Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Modifying the Query Messages to Multicast Groups 24-9 Changing the IGMP Version 24-9 Configuring PIM Features 24-10 Enabling and Disabling PIM on an Interface 24-10 Confi...

[Page 20] Cisco 5505 - ASA Firewall Edition Bundle

Contents xx Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Information About Router Advertisement Messages 25-8 Configuring the Router Advertisement Transmission Interval 25-10 Licensing Requirements for Router Advertisement Trans...

[Page 21] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxi Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 NAT Types 26-2 Static NAT 26-3 Information About Static NAT 26-3 Information About Static NAT with Port Translation 26-3 Information About One-to-Many Static NAT 26-6 Inf...

[Page 22] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 NAT for Inside Hosts (Dynamic NAT) and NAT for an Outside Web Server (Static NAT) 27-20 Inside Load Balancer with Multiple Mapped Addresses (Static NAT, One-to-Many) 27-...

[Page 23] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxiii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Default Configuration 29-7 Default Traffic Classes 29-8 Task Flows for Configuring Service Policies 29-8 Task Flow for Configuring a Service Policy Rule 29-8 Adding a S...

[Page 24] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxiv Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Advanced Access Rule Configuration 30-11 Access Rule Explosion 30-12 Feature History for Access Rules 30-13 CHAPTER 31 Configuring AAA Servers and the Local Database 3...

[Page 25] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxv Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Testing Server Authentication and Authorization 31-18 Adding a User Account 31-18 Configuring VPN Policy Attributes for a User 31-20 Configuring LDAP Attribute Maps ...

[Page 26] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxvi Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Recovering from a Lockout 32-24 CHAPTER 33 Configuring AAA Rules for Network Access 33-1 AAA Performance 33-1 Configuring Authentication for Network Access 33-1 Inform...

[Page 27] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxvii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Feature History for URL Filtering 34-12 CHAPTER 35 Configuring Digital Certificates 35-1 Information About Digital Certificates 35-1 Public Key Cryptography 35-2 Cert...

[Page 28] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxviii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Authenticating Using the Local CA 35-22 Configuring the Local CA Server 35-22 Deleting the Local CA Server 35-25 Managing the User Database 35-25 Adding a Local CA Use...

[Page 29] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxix Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Using Strict FTP 37-14 Select FTP Map 37-15 FTP Class Map 37-15 Add/Edit FTP Traffic Class Map 37-16 Add/Edit FTP Match Criterion 37-16 FTP Inspect Map 37-18 File Type F...

[Page 30] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxx Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 NetBIOS Inspection Overview 37-48 Select NETBIOS Map 37-48 NetBIOS Inspect Map 37-49 Add/Edit NetBIOS Policy Map 37-49 PPTP Inspection 37-50 SMTP and Extended SMTP Inspec...

[Page 31] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxxi Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Add/Edit MGCP Policy Map 38-17 Add/Edit MGCP Group 38-18 RTSP Inspection 38-19 RTSP Inspection Overview 38-19 Using RealPlayer 38-20 Restrictions and Limitations 38-20 S...

[Page 32] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxxii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 CHAPTER 40 Configuring Inspection for Management Application Protocols 40-1 DCERPC Inspection 40-1 DCERPC Overview 40-1 Select DCERPC Map 40-2 DCERPC Inspect Map 40-2...

[Page 33] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxxiii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Licensing Requirements for the Unified Communication Wizard 42-3 Guidelines and Limitations 42-3 Configuring the Mobility Advantage by using the Unified Communication ...

[Page 34] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxxiv Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Prerequisites for IP Phones on Multiple Interfaces 43-8 7960 and 7940 IP Phones Support 43-9 Cisco IP Communicator Prerequisites 43-9 Prerequisites for Rate Limiting TF...

[Page 35] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxxv Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Feature History for the TLS Proxy for Encrypted Voice Inspection 44-17 CHAPTER 45 Configuring Cisco Mobility Advantage 45-1 Information about the Cisco Mobility Advant...

[Page 36] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxxvi Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Task Flow for Configuring Cisco Intercompany Media Engine 47-11 Configuring NAT for Cisco Intercompany Media Engine Proxy 47-12 Configuring PAT for the Cisco UCM Server...

[Page 37] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxxvii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Supported QoS Features 49-2 What is a Token Bucket? 49-2 Information About Policing 49-3 Information About Priority Queueing 49-3 Information About Traffic Shaping 49-...

[Page 38] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxxviii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Where to Go Next 50-15 Feature History for the Botnet Traffic Filter 50-15 CHAPTER 51 Configuring Threat Detection 51-1 Information About Threat Detection 51-1 Conf...

[Page 39] Cisco 5505 - ASA Firewall Edition Bundle

Contents xxxix Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 PART 12 Configuring Applications on SSMs and SSCs CHAPTER 53 Managing SSMs and SSCs 53-1 Information About SSMs and SSCs 53-1 Supported Applications 53-1 Informatio...

[Page 40] Cisco 5505 - ASA Firewall Edition Bundle

Contents xl Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Guidelines and Limitations 55-6 Default Settings 55-6 Configuring the CSC SSM 55-7 Before Configuring the CSC SSM 55-7 Connecting to the CSC SSM 55-8 Determining Service P...

[Page 41] Cisco 5505 - ASA Firewall Edition Bundle

Contents xli Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 CSC Setup Wizard Summary 56-12 Using the CSC SSM GUI 56-13 Web 56-13 Mail 56-14 SMTP Tab 56-14 POP3 Tab 56-15 File Transfer 56-15 Updates 56-16 Where to Go Next 56-16 Add...

[Page 42] Cisco 5505 - ASA Firewall Edition Bundle

Contents xlii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Failover Messages 57-13 Failover System Messages 57-13 Debug Messages 57-13 SNMP 57-13 CHAPTER 58 Using the High Availability and Scalability Wizard 58-1 Information A...

[Page 43] Cisco 5505 - ASA Firewall Edition Bundle

Contents xliii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Guidelines and Limitations 59-5 Configuring Active/Standby Failover 59-6 Configuring Failover 59-6 Configuring Interface Standby Addresses 59-8 Configuring Interface St...

[Page 44] Cisco 5505 - ASA Firewall Edition Bundle

Contents xliv Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Failover > MAC Addresses Tab 60-15 Controlling Failover 60-16 Forcing Failover 60-17 Disabling Failover 60-17 Restoring a Failed Unit or Failover Group 60-17 Monitori...

[Page 45] Cisco 5505 - ASA Firewall Edition Bundle

Contents xlv Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 CHAPTER 63 Configuring IKE, Load Balancing, and NAC 63-1 Setting IKE Parameters 63-1 Creating IKE Policies 63-4 Add/Edit IKE Policy 63-5 Assignment Policy 63-7 Address ...

[Page 46] Cisco 5505 - ASA Firewall Edition Bundle

Contents xlvi Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Browse Time Range 64-13 Add/Edit Time Range 64-14 Add/Edit Recurring Time Range 64-14 ACL Manager 64-15 Standard ACL 64-15 Extended ACL 64-16 Add/Edit/Paste ACE 64-17 Br...

[Page 47] Cisco 5505 - ASA Firewall Edition Bundle

Contents xlvii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Configuring Secondary Authentication Attributes for an SSL VPN Connection Profile 64-54 Configuring Authorization Attributes for an SSL VPN Connection Profile 64-56 Add...

[Page 48] Cisco 5505 - ASA Firewall Edition Bundle

Contents xlviii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Add/Edit Tunnel Group for Site-to-Site VPN 64-91 Add/Edit Tunnel Group > PPP 64-92 Add/Edit Tunnel Group > IPsec for LAN to LAN Access > General > Basic 64...

[Page 49] Cisco 5505 - ASA Firewall Edition Bundle

Contents xlix Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 The DAP CheckAndMsg Function 65-24 Additional Lua Functions 65-26 CheckAndMsg with Custom Function Example 65-28 Further Information on Lua 65-28 Operator for Endpoint C...

[Page 50] Cisco 5505 - ASA Firewall Edition Bundle

Contents l Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Add/Edit Port Forwarding List 67-26 Add/Edit Port Forwarding Entry 67-26 Configuring the Use of External Proxy Servers 67-27 Configuring Proxy Bypass 67-28 SSO Servers 67-3...

[Page 51] Cisco 5505 - ASA Firewall Edition Bundle

Contents li Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Import/Export Application Help Content 67-75 Configuring Browser Access to Client-Server Plug-ins 67-76 About Installing Browser Plug-ins 67-77 RDP Plug-in ActiveX Debug Q...

[Page 52] Cisco 5505 - ASA Firewall Edition Bundle

Contents lii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Default Servers 68-11 Delimiters 68-13 CHAPTER 69 Configuring SSL Settings 69-1 SSL 69-1 Edit SSL Certificate 69-2 SSL Certificates 69-3 CHAPTER 70 Monitoring VPN 70-...

[Page 53] Cisco 5505 - ASA Firewall Edition Bundle

Contents liii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Prerequisites for Logging 71-5 Guidelines and Limitations 71-6 Configuring Logging 71-6 Enabling Logging 71-6 Configuring an Output Destination 71-7 Sending Syslog Messa...

[Page 54] Cisco 5505 - ASA Firewall Edition Bundle

Contents liv Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Editing Filtering Settings 71-24 Feature History for Logging 71-25 CHAPTER 72 Configuring NetFlow Secure Event Logging (NSEL) 72-1 Information About NSEL 72-1 Using NSE...

[Page 55] Cisco 5505 - ASA Firewall Edition Bundle

Contents lv Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Using SNMP Version 1 or 2c 73-9 Using SNMP Version 3 73-9 Monitoring SNMP 73-10 SNMP Syslog Messaging 73-11 SNMP Monitoring 73-11 Where to Go Next 73-12 Additional Refe...

[Page 56] Cisco 5505 - ASA Firewall Edition Bundle

Contents lvi Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Backing Up and Restoring Configurations, Images, and Profiles 75-13 Backing Up Configurations 75-13 Restoring Configurations 75-17 Downgrading Your Software 75-19 Informa...

[Page 57] Cisco 5505 - ASA Firewall Edition Bundle

Contents lvii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Determining the Subnet Mask A-3 Determining the Address to Use with the Subnet Mask A-3 IPv6 Addresses A-5 IPv6 Address Format A-5 IPv6 Address Types A-6 Unicast Address...

[Page 58] Cisco 5505 - ASA Firewall Edition Bundle

Contents lviii Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 G LOSSARY I NDEX ...

[Page 59] Cisco 5505 - ASA Firewall Edition Bundle

lix Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 About This Guide This preface introduces Cisco ASA 5500 Series Configuration Guide using ASDM and includes the following sections: • Document Objectives, page lix • Audience,...

[Page 60] Cisco 5505 - ASA Firewall Edition Bundle

lx Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 About This Guide • Configure intrusion detection software Related Documentation For more information, see Navigating the Cisco ASA 5500 Series Documentation at http://www.cis...

[Page 61] Cisco 5505 - ASA Firewall Edition Bundle

P ART 1 Getting Started and General Information ...

[Page 62] Cisco 5505 - ASA Firewall Edition Bundle

...

[Page 63] Cisco 5505 - ASA Firewall Edition Bundle

CHAPTER 1-1 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance The adaptive security appliance combines advanced stateful firewall and VPN concentrator functiona...

[Page 64] Cisco 5505 - ASA Firewall Edition Bundle

1-2 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance ASA 5500 Model Support Table 1-1 lists the supported and recommended client operating system...

[Page 65] Cisco 5505 - ASA Firewall Edition Bundle

1-3 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance VPN Specifications Table 1-2 shows the modules supported by each model: VPN Specifications S...

[Page 66] Cisco 5505 - ASA Firewall Edition Bundle

1-4 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance New Features Table 1-3 lists the new features for ASDM Version 6.3(2). All features apply on...

[Page 67] Cisco 5505 - ASA Firewall Edition Bundle

1-5 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance New Features Hardware processing for large modulus operations (2048-bit RSA certificate a...

[Page 68] Cisco 5505 - ASA Firewall Edition Bundle

1-6 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance New Features New Features in Version 6.3(1)/8.3(1) General Features No Payload Encryption i...

[Page 69] Cisco 5505 - ASA Firewall Edition Bundle

1-7 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance New Features Table 1-4 lists the new features for ASDM Version 6.3(1). All features apply on...

[Page 70] Cisco 5505 - ASA Firewall Edition Bundle

1-8 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance New Features IPv6 support for IKEv1 LAN-to-LAN VPN connections For LAN-to-LAN connections ...

[Page 71] Cisco 5505 - ASA Firewall Edition Bundle

1-9 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance New Features Usability Improvements for Remote Access VPN ASDM provides a step-by-step guid...

[Page 72] Cisco 5505 - ASA Firewall Edition Bundle

1-10 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance New Features Use of Real IP addresses in access lists instead of translated addresses Whe...

[Page 73] Cisco 5505 - ASA Firewall Edition Bundle

1-11 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance New Features Unified Communication Wizard The Unified Communications wizard guides you thr...

[Page 74] Cisco 5505 - ASA Firewall Edition Bundle

1-12 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance New Features Stackable time-based licenses Time-based licenses are now stackable. In many ...

[Page 75] Cisco 5505 - ASA Firewall Edition Bundle

1-13 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance Unsupported Commands Unsupported Commands ASDM supports almost all commands available for t...

[Page 76] Cisco 5505 - ASA Firewall Edition Bundle

1-14 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance Unsupported Commands Effects of Unsupported Commands If ASDM loads an existing running conf...

[Page 77] Cisco 5505 - ASA Firewall Edition Bundle

1-15 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance Firewall Functional Overview Firewall Functional Overview Firewalls protect inside networks...

[Page 78] Cisco 5505 - ASA Firewall Edition Bundle

1-16 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance Firewall Functional Overview Permitting or Denying Traffic with Access Rules You can apply ...

[Page 79] Cisco 5505 - ASA Firewall Edition Bundle

1-17 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance Firewall Functional Overview manager. Other legitimate connections continue to operate inde...

[Page 80] Cisco 5505 - ASA Firewall Edition Bundle

1-18 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance Firewall Functional Overview address. The Botnet Traffic Filter checks incoming and outgoin...

[Page 81] Cisco 5505 - ASA Firewall Edition Bundle

1-19 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance VPN Functional Overview – Performing the access list checks – Performing route lookups ...

[Page 82] Cisco 5505 - ASA Firewall Edition Bundle

1-20 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance Security Context Overview • Manages data transfer across the tunnel • Manages data tra...

[Page 83] Cisco 5505 - ASA Firewall Edition Bundle

CHAPTER 2-1 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 2 Getting Started This chapter describes how to get started with your adaptive security appliance. This chapter includes the following sections: • Configuring the Secur...

[Page 84] Cisco 5505 - ASA Firewall Edition Bundle

2-2 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 2 Getting Started Starting ASDM • Using ASDM in Demo Mode, page 2-3 • Starting ASDM from a Web Browser, page 2-4 Downloading the ASDM Launcher The ASDM Launcher...

[Page 85] Cisco 5505 - ASA Firewall Edition Bundle

2-3 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 2 Getting Started Starting ASDM Using ASDM in Demo Mode The ASDM Demo Mode, a separately installed application, lets you run ASDM without having a live device avai...

[Page 86] Cisco 5505 - ASA Firewall Edition Bundle

2-4 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 2 Getting Started Starting ASDM – Toolbar/Status bar > Save – Configuration > Interface > Edit Interface > Renew DHCP Lease – Configuring a standb...

[Page 87] Cisco 5505 - ASA Firewall Edition Bundle

2-5 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 2 Getting Started Multiple ASDM Session Support Multiple ASDM Session Support ASDM allows multiple PCs or workstations to each have one browser session open with th...

[Page 88] Cisco 5505 - ASA Firewall Edition Bundle

2-6 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 2 Getting Started Factory Default Configurations Detailed Steps Step 1 In the main ASDM application window, choose File > Reset Device to the Factory Default Co...

[Page 89] Cisco 5505 - ASA Firewall Edition Bundle

2-7 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 2 Getting Started Factory Default Configurations switchport access vlan 1 no shutdown interface Ethernet 0/2 switchport access vlan 1 no shutdown interface Ethernet...

[Page 90] Cisco 5505 - ASA Firewall Edition Bundle

2-8 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 2 Getting Started Getting Started With the Configuration http server enable http 192.168.1.0 255.255.255.0 management dhcpd address 192.168.1.2-192.168.1.254 manage...

[Page 91] Cisco 5505 - ASA Firewall Edition Bundle

2-9 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 2 Getting Started Using the Command Line Interface • Showing Commands Ignored by ASDM on the Device, page 2-10 Using the Command Line Interface Tool This feature ...

[Page 92] Cisco 5505 - ASA Firewall Edition Bundle

2-10 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 2 Getting Started Using the Command Line Interface Avoiding Conflicts with Other Administrators Multiple administrative users can update the running configuration ...

[Page 93] Cisco 5505 - ASA Firewall Edition Bundle

CHAPTER 3-1 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 3 Using the ASDM User Interface This chapter describes how to use the ASDM user interface, and includes the following sections: • Information About the ASDM User Interface...

[Page 94] Cisco 5505 - ASA Firewall Edition Bundle

3-2 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 3 Using the ASDM User Interface Information About the ASDM User Interface – Click links on the left side of the application window in the left Navigation pane. The ...

[Page 95] Cisco 5505 - ASA Firewall Edition Bundle

3-3 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 3 Using the ASDM User Interface Navigating in the ASDM User Interface Legend Note Tool tips have been added for various parts of the GUI, including Wizards, the Confi...

[Page 96] Cisco 5505 - ASA Firewall Edition Bundle

3-4 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 3 Using the ASDM User Interface Menus • To add or remove buttons, click Add or Remove Buttons, then click the button to add or remove from the list that appears. �...

[Page 97] Cisco 5505 - ASA Firewall Edition Bundle

3-5 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 3 Using the ASDM User Interface Menus View Menu The View menu lets you display various parts of the ASDM user interface. Certain items are dependent on the current v...

[Page 98] Cisco 5505 - ASA Firewall Edition Bundle

3-6 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 3 Using the ASDM User Interface Menus Tools Menu The Tools menu provides you with the following series of tools to use in ASDM. Addresses Shows and hides the display ...

[Page 99] Cisco 5505 - ASA Firewall Edition Bundle

3-7 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 3 Using the ASDM User Interface Menus Ping Verifies the configuration and operation of the adaptive security appliance and surrounding communications links, as well ...

[Page 100] Cisco 5505 - ASA Firewall Edition Bundle

3-8 Cisco ASA 5500 Series Configuration Guide using ASDM OL-20339-01 Chapter 3 Using the ASDM User Interface Menus Wizards Menu The Wizards menu lets you run a wizard to configure multiple features. The following table lists the available Wiz...