Beginner needs help - ASA 5510 Configuration

tsherven1

Hi,

Ok...I'm struggling here. I have always used Watchguard products, and decided to step up and buy my first Cisco. I'm finding that the configuration is not quite as easy, and would love to get some help.

I have a very simple setup. I need to set up my internal interface, external interface, NAT for 2 addresses (OWA and Exchange), no DMZ, no web server.

I took a crack at the configuration using ASDM 5.0 and the Startup Wizard and failed. Questions:

1) Does the external ethernet port have to be ethernet port 0? Right now my internal port is port 0.

2) How are security levels used? How do I need to use them in my setup?

3) Should I be able to use ASDM for all of my setup?

4) Do I need to use DHCP on the ASA?

5) Next steps?

Info:

External IP: 64.179.10.28

Gateway IP: 64.179.10.1

Internal interface IP: 192.168.0.x

SMTP IP: 64.179.10.29 (NAT to 192.168.0.x)

OWA IP: 64.179.10.32 (NAT to 192.168.0.x)

Anyone see what I've done wrong? Any help would be appreciated!

Result of the command: "show running-config"

: Saved
:
ASA Version 7.0(7)
!
Hostname test
domain-name test.net
enable password xxx
names
dns-guard
!
interface Ethernet0/0
nameif Internal
security-level 100
ip address 192.168.0.x 255.255.255.0
!
interface Ethernet0/1
nameif External
security-level 0
ip address 64.x.x.28 255.255.255.0
!
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
!
passwd xxx
ftp mode passive
access-list Internal_access_in remark WWW
access-list Internal_access_in extended permit tcp host 192.168.0.0 eq www interface External eq www
access-list External_access_in remark SMTP
access-list External_access_in extended permit tcp host 64.179.10.29 eq smtp host 192.168.0.53 eq smtp
access-list External_access_out remark HTTP
access-list External_access_out extended permit tcp 64.179.10.22 255.255.255.240 eq www any eq www
pager lines 24
logging asdm informational
mtu Internal 1500
mtu External 1500
mtu management 1500
asdm image disk0:/asdm-507.bin
no asdm history enable
arp timeout 14400
global (External) 10 64.179.10.29-64.179.10.32 netmask 255.255.255.0
nat (Internal) 10 0.0.0.0 0.0.0.0
nat (management) 0 0.0.0.0 0.0.0.0
static (External,Internal) 192.168.0.x 64.179.10.29 netmask 255.255.255.255
static (External,Internal) 192.168.0.x 64.179.10.32 netmask 255.255.255.255
access-group Internal_access_in in interface Internal
access-group External_access_in in interface External
access-group External_access_out out interface External
route External 0.0.0.0 0.0.0.0 63.179.53.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
http server enable
http 192.168.0.x 255.255.255.255 Internal
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd lease 3600
dhcpd ping_timeout 50
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map global_policy
class inspection_default
inspect dns maximum-length 512
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
!
service-policy global_policy global
Cryptochecksum:xxx
: end

15 Replies

That's backwards.

The first host or network is always the source, the second is the destination.

Since the access list is applied into the outside interface, people from the internet will be the source and your mail server is the destination.

access-list External_access_in extended permit tcp eq

In the statement below

= any

= host 64.179.53.30

= smtp

access-list External_access_in extended permit tcp any host 64.179.53.30 eq smtp
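The reply's point (first address is the source, second is the destination, and an ACL applied inbound on the outside interface sees the Internet peer as the source) is easy to check mechanically. The following is an added example, not code from the post or the reply: a small Python linter that parses the extended ACEs and access-group lines quoted in the thread and flags entries on the outside interface's inbound ACL whose source is one of the firewall's own addresses or whose destination is a private inside address. The sample configuration is constructed from the lines in the post plus the corrected SMTP entry from the reply; the 64.179.10.0/24 public block and 192.168.0.0/24 inside network are assumptions taken from the interface addresses the poster gave.

```python
import re
from ipaddress import IPv4Network, ip_network

# Constructed sample input: ACL and access-group lines quoted in the post, plus the
# corrected SMTP entry from the reply (kept alongside the original, backwards one).
SAMPLE_CONFIG = """\
access-list Internal_access_in extended permit tcp host 192.168.0.0 eq www interface External eq www
access-list External_access_in extended permit tcp host 64.179.10.29 eq smtp host 192.168.0.53 eq smtp
access-list External_access_in extended permit tcp any host 64.179.53.30 eq smtp
access-list External_access_out extended permit tcp 64.179.10.22 255.255.255.240 eq www any eq www
access-group Internal_access_in in interface Internal
access-group External_access_in in interface External
access-group External_access_out out interface External
"""

ACE_RE = re.compile(r"^access-list\s+(\S+)\s+extended\s+(permit|deny)\s+(\S+)\s+(.+)$")
GROUP_RE = re.compile(r"^access-group\s+(\S+)\s+(in|out)\s+interface\s+(\S+)$")
ANY = ip_network("0.0.0.0/0")


def _take_addr(tokens):
    """Consume one ASA address spec: any | host A | A MASK | interface <nameif>."""
    kw = tokens[0]
    if kw == "any":
        return ANY, tokens[1:]
    if kw == "host":
        return ip_network(tokens[1] + "/32"), tokens[2:]
    if kw == "interface":  # the ASA's own address on that interface; not a network
        return "interface " + tokens[1], tokens[2:]
    # ASA writes a dotted subnet mask, not a prefix length; strict=False tolerates host bits
    return ip_network((kw, tokens[1]), strict=False), tokens[2:]


def _take_port(tokens):
    """Consume an optional 'eq <port>' qualifier."""
    if tokens and tokens[0] == "eq":
        return tokens[1], tokens[2:]
    return None, tokens


def parse_ace(line):
    """Parse one extended ACE into source/destination fields; None for other lines."""
    m = ACE_RE.match(line.strip())
    if not m:
        return None
    name, action, proto, rest = m.groups()
    tokens = rest.split()
    src, tokens = _take_addr(tokens)
    sport, tokens = _take_port(tokens)
    dst, tokens = _take_addr(tokens)
    dport, tokens = _take_port(tokens)
    return {"acl": name, "action": action, "proto": proto, "src": src, "sport": sport,
            "dst": dst, "dport": dport, "line": line.strip()}


def inbound_acl_names(config_text, outside_if):
    """Names of ACLs applied with 'in' on the given interface."""
    names = set()
    for line in config_text.splitlines():
        m = GROUP_RE.match(line.strip())
        if m and m.group(2) == "in" and m.group(3) == outside_if:
            names.add(m.group(1))
    return names


def find_reversed_aces(config_text, outside_if, inside_nets, public_nets):
    """Flag ACEs on the outside interface's inbound ACL that have the addresses backwards."""
    local = list(inside_nets) + list(public_nets)
    inbound = inbound_acl_names(config_text, outside_if)
    findings = []
    for line in config_text.splitlines():
        ace = parse_ace(line)
        if not ace or ace["acl"] not in inbound:
            continue
        src, dst, reasons = ace["src"], ace["dst"], []
        if isinstance(src, IPv4Network) and src != ANY and any(src.subnet_of(n) for n in local):
            reasons.append("source is one of your own addresses; inbound on the outside "
                           "interface the source is the Internet peer (usually 'any')")
        if isinstance(dst, IPv4Network) and any(dst.subnet_of(n) for n in inside_nets):
            reasons.append("destination is the inside (real) address; on ASA 7.x the outside "
                           "ACL must name the public (mapped) address from the static")
        if reasons:
            findings.append({"line": ace["line"], "reasons": reasons})
    return findings


def check_sample():
    """Run the linter over the constructed sample with the assumed address blocks."""
    inside = [ip_network("192.168.0.0/24")]   # from the post's Internal interface (assumed /24)
    public = [ip_network("64.179.10.0/24")]   # assumed: the /24 on the External interface
    return find_reversed_aces(SAMPLE_CONFIG, "External", inside, public)


if __name__ == "__main__":
    for finding in check_sample():
        print(finding["line"])
        for reason in finding["reasons"]:
            print("  -", reason)
```

Run against the sample, only the original SMTP line is reported, with both reasons; the reply's corrected line (source `any`, destination the public host) passes, and the ACLs applied on Internal or in the `out` direction are not examined. Because this is ASA 7.0, the destination in an inbound outside ACL is the mapped public address, which is why the linter treats a 192.168.0.x destination there as a mistake.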
