Solved: Re: Configuration par défaut

Malek.khebbab · ‎09-06-2012

Bonjour,

Svp, comment revenir à la case de départ avec Cisco ASA 5510. ie quelle est la commande pour revenir à la configuration par défaut.

Merci

---------------------

Goodmorning,

How to return to default configration with Cisco ASA 5510 command mode?

Thank you.

varrao · ‎09-06-2012

Hi Malek,

You can simply copy and paste the configuration for factory defualt on ASA 5510 that I have pasted above, it is the same.

Or you can now use the command "configure factory-default" to get the default settings back.

Hope that helps.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao

View solution in original post

varrao · ‎09-06-2012

Hi Malek,

You can use the command:

configure factory-default

Here is the guide for it:

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/start.html#wp1055130

But before you do it, go through what all it does, before risking something that you don't want to lose.

Hope that helps.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao

Malek.khebbab · ‎09-06-2012

Hi Rao, thanks,

what is a differrence with command

   clear configure all

varrao · ‎09-06-2012

Here's wat the configuration wud look like if you do factory default:

ASA 5510 and Higher Default Configuration

The default factory configuration for the ASA 5510 and higher adaptive security appliance configures the following:

•The management interface, Management 0/0. If you did not set the IP address in the configure factory-default command, then the IP address and mask are 192.168.1.1 and 255.255.255.0.

•The DHCP server is enabled on the security appliance, so a PC connecting to the interface receives an address between 192.168.1.2 and 192.168.1.254.

•The HTTP server is enabled for ASDM and is accessible to users on the 192.168.1.0 network.

The configuration consists of the following commands:

interface management 0/0

   ip address 192.168.1.1 255.255.255.0

   nameif management

   security-level 100

   no shutdown

asdm logging informational 100

asdm history enable

http server enable

http 192.168.1.0 255.255.255.0 management

dhcpd address 192.168.1.2-192.168.1.254 management

dhcpd lease 3600

dhcpd ping_timeout 750

dhcpd enable management


But if you do clear configure all, it would erase all the configuration completely,
you would need to do everything from very scratch, through a console cable.

Hope this helps.

Thanks,

Varun Rao
Security Team,
Cisco TAC

ASA 5505 Default Configuration

The default factory configuration for the ASA 5505 adaptive security appliance configures the following:

•An inside VLAN 1 interface that includes the Ethernet 0/1 through 0/7 switch ports. If you did not set the IP address in the configure factory-default command, then the VLAN 1 IP address and mask are 192.168.1.1 and 255.255.255.0.

•An outside VLAN 2 interface that includes the Ethernet 0/0 switch port. VLAN 2 derives its IP address using DHCP.

•The default route is also derived from DHCP.

•All inside IP addresses are translated when accessing the outside using interface PAT.

•By default, inside users can access the outside with an access list, and outside users are prevented from accessing the inside.

•The DHCP server is enabled on the security appliance, so a PC connecting to the VLAN 1 interface receives an address between 192.168.1.2 and 192.168.1.254.

•The HTTP server is enabled for ASDM and is accessible to users on the 192.168.1.0 network.

The configuration consists of the following commands:

interface Ethernet 0/0

   switchport access vlan 2

   no shutdown

interface Ethernet 0/1

   switchport access vlan 1

   no shutdown

interface Ethernet 0/2

   switchport access vlan 1

   no shutdown

interface Ethernet 0/3

   switchport access vlan 1

   no shutdown

interface Ethernet 0/4

   switchport access vlan 1

   no shutdown

interface Ethernet 0/5

   switchport access vlan 1

   no shutdown

interface Ethernet 0/6

   switchport access vlan 1

   no shutdown

interface Ethernet 0/7

   switchport access vlan 1

   no shutdown

interface vlan2

   nameif outside

   no shutdown

   ip address dhcp setroute

interface vlan1

   nameif inside

   ip address 192.168.1.1 255.255.255.0

   security-level 100

   no shutdown

global (outside) 1 interface

nat (inside) 1 0 0

http server enable

http 192.168.1.0 255.255.255.0 inside

dhcpd address 192.168.1.2-192.168.1.254 inside

dhcpd auto_config outside

dhcpd enable inside

logging asdm informational

Thanks,
Varun Rao

Malek.khebbab · ‎09-06-2012

I'm new with the configuration "Cisco General" and "FIREWALL ASA" in particulary. so, I want to configure my ASA 5510 with a simple configuration for internet access.

After several attempts, I wanted to delete and resume operation. I used, then the command "CLEAR CONFIGURE ALL" and then the command "WRITE MEMORY"

From what I understand, I even delete all factory default configuration. So, how to return to the factory default configuration so as not finding problems.

varrao · ‎09-06-2012

Hi Malek,

You can simply copy and paste the configuration for factory defualt on ASA 5510 that I have pasted above, it is the same.

Or you can now use the command "configure factory-default" to get the default settings back.

Hope that helps.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao

Malek.khebbab · ‎09-09-2012

Hi Reo

Thank you for the help, it was invaluable.

Maintenance I open another descussion for configuring an ASA 5510 basic configuration of Internet access.

thank you.