: Saved
:
ASA Version 8.0(5)
!
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address dhcp setroute
!
interface GigabitEthernet0/1
nameif inside
security-level 100
ip address 10.0.0.2 255.255.255.0
!
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
shutdown
nameif manage
security-level 0
ip address 192.168.100.1 255.255.255.0
!
ftp mode passive
pager lines 24
mtu outside 1500
mtu inside 1500
mtu manage 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd dns 208.67.222.222 208.67.220.220
!
dhcpd address 192.168.100.100-192.168.100.200 manage
dhcpd enable manage
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
username whiterabbit password HNOnJ3mP3F2wbi2O encrypted
!
!
prompt hostname context
Cryptochecksum:0e003705b6ec9b8ac5852e25edde6a60
: end
ciscoasa# confreg 0x01
^
ERROR: % Invalid input detected at '^' marker.
ciscoasa# conf t
ciscoasa(config)# confreg 0x01
^
ERROR: % Invalid input detected at '^' marker.
ciscoasa(config)# exit
ciscoasa#
ciscoasa# config-register 0x01
^
ERROR: % Invalid input detected at '^' marker.
ciscoasa# conf t
ciscoasa(config)# config-register 0x01
ciscoasa(config)# wr mem
Building configuration...
Cryptochecksum: 0e003705 b6ec9b8a c5852e25 edde6a60

1896 bytes copied in 3.390 secs (632 bytes/sec)
[OK]
ciscoasa(config)# show version

Cisco Adaptive Security Appliance Software Version 8.0(5)
Device Manager Version 6.2(3)

Compiled on Mon 02-Nov-09 21:22 by builders
System image file is "disk0:/asa805-k8.bin"
Config file at boot was "startup-config"

ciscoasa up 10 mins 8 secs

Hardware: ASA5520-K8, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
Slot 1: ATA Compact Flash, 1024MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
0: Ext: GigabitEthernet0/0 : address is 001b.2ac2.5068, irq 9
1: Ext: GigabitEthernet0/1 : address is 001b.2ac2.5069, irq 9
2: Ext: GigabitEthernet0/2 : address is 001b.2ac2.506a, irq 9
3: Ext: GigabitEthernet0/3 : address is 001b.2ac2.506b, irq 9
4: Ext: Management0/0 : address is 001b.2ac2.5067, irq 11
5: Int: Internal-Data0/0 : address is 0000.0001.0002, irq 11
6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 5

Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 750
WebVPN Peers : 2
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions : 2

This platform has an ASA 5520 VPN Plus license.

Serial Number: JMX1120L084
Running Activation Key: 0x2c0e4377 0x4c83eb35 0x8c22f190 0xa82c7ca8 0x48230fac
Configuration register is 0x1
Configuration has not been modified since last system restart.
ciscoasa(config)#
ciscoasa(config)# wr mem
Building configuration...
Cryptochecksum: 0e003705 b6ec9b8a c5852e25 edde6a60

1896 bytes copied in 3.390 secs (632 bytes/sec)
[OK]
ciscoasa(config)# reload
Proceed with reload? [confirm]
ciscoasa(config)#

***
*** --- START GRACEFUL SHUTDOWN ---
Shutting down isakmp
Shutting down File system

***
*** --- SHUTDOWN NOW ---
Process shutdown finished
Rebooting.....

Booting system, please wait...

CISCO SYSTEMS
Embedded BIOS Version 1.0(11)2 01/25/06 13:21:26.17

Low Memory: 631 KB
High Memory: 512 MB
PCI Device Table.
Bus Dev Func VendID DevID Class Irq
00 00 00 8086 2578 Host Bridge
00 01 00 8086 2579 PCI-to-PCI Bridge
00 03 00 8086 257B PCI-to-PCI Bridge
00 1C 00 8086 25AE PCI-to-PCI Bridge
00 1D 00 8086 25A9 Serial Bus 11
00 1D 01 8086 25AA Serial Bus 10
00 1D 04 8086 25AB System
00 1D 05 8086 25AC IRQ Controller
00 1D 07 8086 25AD Serial Bus 9
00 1E 00 8086 244E PCI-to-PCI Bridge
00 1F 00 8086 25A1 ISA Bridge
00 1F 02 8086 25A3 IDE Controller 11
00 1F 03 8086 25A4 Serial Bus 5
00 1F 05 8086 25A6 Audio 5
02 01 00 8086 1075 Ethernet 11
03 01 00 177D 0003 Encrypt/Decrypt 9
03 02 00 8086 1079 Ethernet 9
03 02 01 8086 1079 Ethernet 9
03 03 00 8086 1079 Ethernet 9
03 03 01 8086 1079 Ethernet 9
04 02 00 8086 1209 Ethernet 11
04 03 00 8086 1209 Ethernet 5

Evaluating BIOS Options ...
Launch BIOS Extension to setup ROMMON

Cisco Systems ROMMON Version (1.0(11)2) #0: Thu Jan 26 10:43:08 PST 2006

Platform ASA5520-K8

Use BREAK or ESC to interrupt boot.
Use SPACE to begin boot immediately.

Launching BootLoader...
Default configuration file contains 1 entry.

Searching / for images to boot.

Loading /asa805-k8.bin... Booting...
Loading...

Processor memory 415105024, Reserved memory: 41943040 (DSOs: 0 + kernel: 41943040)
Guest RAM start: 0xc7400080
Guest RAM end: 0xdd400000
Guest RAM brk: 0xc7401000

IO memory 79241216 bytes
IO memory start: 0xc2801000
IO memory end: 0xc7393000

Total SSMs found: 1
ASA-SSM-20, SN JAF10380252, HW ver 1.0, FW ver 1.0(11)2

Total NICs found: 7
mcwa i82557 Ethernet at irq 11 MAC: 001b.2ac2.5067
mcwa i82557 Ethernet at irq 5 MAC: 0000.0001.0001
i82546GB rev03 Gigabit Ethernet @ irq09 dev 3 index 00 MAC: 001b.2ac2.5068
i82546GB rev03 Gigabit Ethernet @ irq09 dev 3 index 01 MAC: 001b.2ac2.5069
i82546GB rev03 Gigabit Ethernet @ irq09 dev 2 index 02 MAC: 001b.2ac2.506a
i82546GB rev03 Gigabit Ethernet @ irq09 dev 2 index 03 MAC: 001b.2ac2.506b
i82547GI rev00 Gigabit Ethernet @ irq11 dev 1 index 05 MAC: 0000.0001.0002

Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 750
WebVPN Peers : 2
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions : 2

This platform has an ASA 5520 VPN Plus license.

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05

Cisco Adaptive Security Appliance Software Version 8.0(5)

****************************** Warning *******************************
This product contains cryptographic features and is
subject to United States and local country laws
governing, import, export, transfer, and use.
Delivery of Cisco cryptographic products does not
imply third-party authority to import, export,
distribute, or use encryption. Importers, exporters,
distributors and users are responsible for compliance
with U.S. and local country laws. By using this
product you agree to comply with applicable laws and
regulations. If you are unable to comply with U.S.
and local laws, return the enclosed items immediately.

A summary of U.S. laws governing Cisco cryptographic
products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by
sending email to export@cisco.com.
******************************* Warning *******************************

Copyright (c) 1996-2009 by Cisco Systems, Inc.

Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cryptochecksum (unchanged): 0e003705 b6ec9b8a c5852e25 edde6a60
Type help or '?' for a list of available commands.
ciscoasa> show int
^
ERROR: % Invalid input detected at '^' marker.
ciscoasa> enable
Password: *****
Invalid password
Password:
ciscoasa# show int
Interface GigabitEthernet0/0 "outside", is down, line protocol is down
Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec
Auto-Duplex, Auto-Speed
MAC address 001b.2ac2.5068, MTU 1500
IP address unassigned
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 L2 decode drops
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 late collisions, 0 deferred
0 input reset drops, 0 output reset drops, 0 tx hangs
input queue (curr/max packets): hardware (0/0) software (0/0)
output queue (curr/max packets): hardware (0/0) software (0/0)
Traffic Statistics for "outside":
0 packets input, 0 bytes
0 packets output, 0 bytes
0 packets dropped
1 minute input rate 0 pkts/sec, 0 bytes/sec
1 minute output rate 0 pkts/sec, 0 bytes/sec
1 minute drop rate, 0 pkts/sec
5 minute input rate 0 pkts/sec, 0 bytes/sec
5 minute output rate 0 pkts/sec, 0 bytes/sec
5 minute drop rate, 0 pkts/sec
Interface GigabitEthernet0/1 "inside", is down, line protocol is down
Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec
Auto-Duplex, Auto-Speed
MAC address 001b.2ac2.5069, MTU 1500
IP address 10.0.0.2, subnet mask 255.255.255.0
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 L2 decode drops
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 late collisions, 0 deferred
0 input reset drops, 0 output reset drops, 0 tx hangs
input queue (curr/max packets): hardware (0/0) software (0/0)
output queue (curr/max packets): hardware (0/0) software (0/0)
Traffic Statistics for "inside":
0 packets input, 0 bytes
0 packets output, 0 bytes
0 packets dropped
1 minute input rate 0 pkts/sec, 0 bytes/sec
1 minute output rate 0 pkts/sec, 0 bytes/sec
1 minute drop rate, 0 pkts/sec
5 minute input rate 0 pkts/sec, 0 bytes/sec
5 minute output rate 0 pkts/sec, 0 bytes/sec
5 minute drop rate, 0 pkts/sec
Interface GigabitEthernet0/2 "", is administratively down, line protocol is down
Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec
Auto-Duplex, Auto-Speed
Available but not configured via nameif
MAC address 001b.2ac2.506a, MTU not set
IP address unassigned
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 L2 decode drops
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 late collisions, 0 deferred
0 input reset drops, 0 output reset drops, 0 tx hangs
input queue (curr/max packets): hardware (0/0) software (0/0)
output queue (curr/max packets): hardware (0/0) software (0/0)
Interface GigabitEthernet0/3 "", is administratively down, line protocol is down
Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec
Auto-Duplex, Auto-Speed
Available but not configured via nameif
MAC address 001b.2ac2.506b, MTU not set
IP address unassigned
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 L2 decode drops
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 late collisions, 0 deferred
0 input reset drops, 0 output reset drops, 0 tx hangs
input queue (curr/max packets): hardware (0/0) software (0/0)
output queue (curr/max packets): hardware (0/0) software (0/0)
Interface Management0/0 "manage", is administratively down, line protocol is down
Hardware is i82557, BW 100 Mbps, DLY 100 usec
Auto-Duplex, Auto-Speed
MAC address 001b.2ac2.5067, MTU 1500
IP address 192.168.100.1, subnet mask 255.255.255.0
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 L2 decode drops
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collisions, 0 deferred
0 lost carrier, 0 no carrier
0 input reset drops, 0 output reset drops
input queue (curr/max packets): hardware (0/0) software (0/0)
output queue (curr/max packets): hardware (1/0) software (0/0)
Traffic Statistics for "manage":
0 packets input, 0 bytes
0 packets output, 0 bytes
0 packets dropped
1 minute input rate 0 pkts/sec, 0 bytes/sec
1 minute output rate 0 pkts/sec, 0 bytes/sec
1 minute drop rate, 0 pkts/sec
5 minute input rate 0 pkts/sec, 0 bytes/sec
5 minute output rate 0 pkts/sec, 0 bytes/sec
5 minute drop rate, 0 pkts/sec
ciscoasa# show ver

Cisco Adaptive Security Appliance Software Version 8.0(5)
Device Manager Version 6.2(3)

Compiled on Mon 02-Nov-09 21:22 by builders
System image file is "disk0:/asa805-k8.bin"
Config file at boot was "startup-config"

ciscoasa up 38 secs

Hardware: ASA5520-K8, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
Slot 1: ATA Compact Flash, 1024MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
0: Ext: GigabitEthernet0/0 : address is 001b.2ac2.5068, irq 9
1: Ext: GigabitEthernet0/1 : address is 001b.2ac2.5069, irq 9
2: Ext: GigabitEthernet0/2 : address is 001b.2ac2.506a, irq 9
3: Ext: GigabitEthernet0/3 : address is 001b.2ac2.506b, irq 9
4: Ext: Management0/0 : address is 001b.2ac2.5067, irq 11
5: Int: Internal-Data0/0 : address is 0000.0001.0002, irq 11
6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 5

Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 750
WebVPN Peers : 2
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions : 2

This platform has an ASA 5520 VPN Plus license.

Serial Number: JMX1120L084
Running Activation Key: 0x2c0e4377 0x4c83eb35 0x8c22f190 0xa82c7ca8 0x48230fac
Configuration register is 0x1
Configuration has not been modified since last system restart.
ciscoasa#

you dont config any NAT ?

you need NAT if you want to access Internet

MHM

no can you please tell me the exact command(s)? i have the router on int g0/0 and and pc on the int g0/1.

You meaning your ASA not direct connect to ISP but it connect to router via g0/0??

MHM

the g0/0 is connected directly to the router and have internet access from there.it's connected to a port directly into the router.g0/0 is connected directly to router w/ internet access.

i can't config the nat i don't know the command(s).

and i have another utp from g0/1 connected to the port of the pc.

I understand but the commands are unknown to me, lots are deprecated.It's the first time configure an asa 5520.I had the asa 5510.