Cisco ASA Basic Configuration

This is a base configuration template that can be used to start building your Cisco ASA firewalls. Enjoy !!!

!
username admin password mypassword privilege 15
hostname <hostname>
!
enable password mypassword
!
clock timezone GMT/BST 0
clock summer-time BST recurring 1 Sun Apr 3:00 last Sun Oct 2:00
!
interface Ethernet0/0
speed 100
duplex full
nameif outside
security-level 0
ip address x.x.x.x x.x.x.x
!
interface Ethernet0/1
speed 100
duplex full
nameif inside
security-level 100
ip address x.x.x.x x.x.x.x
!
interface Management0/0
nameif management
security-level 100
ip address x.x.x.x
management-only
!
pager lines 24
logging enable
logging timestamp
logging standby
logging buffered informational
logging trap informational
logging asdm informational
logging facility 23
logging queue 250
!
logging host management x.x.x.x
!

logging host inside x.x.x.x
!
mtu inside 1500
mtu management 1500
mtu outside 1500
!
route management x.x.x.x x.x.x.x 
route inside x.x.x.x x.x.x.x 
!
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ (management) host x.x.x.x
 key mytacacskey
aaa-server TACACS+ (management) host x.x.x.x
 key mytacacskey
!
aaa authentication ssh console TACACS+ 
aaa authentication telnet console TACACS+ 
aaa authentication http console TACACS+ 
aaa authentication serial console TACACS+ LOCAL
aaa accounting command TACACS+
aaa accounting enable console TACACS+
aaa accounting serial console TACACS+
aaa accounting ssh console TACACS+
aaa accounting telnet console TACACS+

or

aaa authentication serial console LOCAL
aaa authentication enable console TACACS+ LOCAL
aaa authentication ssh console TACACS+ LOCAL
aaa authentication http console TACACS+
aaa authorization command TACACS+ LOCAL
aaa accounting command TACACS+ LOCAL
aaa accounting enable console TACACS+ LOCAL
aaa accounting serial console LOCAL
aaa accounting ssh console TACACS+ LOCAL

snmp-server host inside x.x.x.x community 

or

snmp-server host inside x.x.x.x
snmp-server community 
snmp-server location 
snmp-server contact 
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
snmp-server enable traps syslog
!
policy-map global_policy
class inspection_default
inspect icmp
!
Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s