
Newbie setting up an ASA 5510

npeters
Level 1

Hello guys.

I am stuck here. I have reviewed the Cisco docs and it has gotten me nowhere.

I have a very basic setup and have gotten as far as this.

setup E/0 (outside) as 66..x.x.x

setup E/0 (inside) as 10.1.3.1

What are my next steps? I just need to get this thing to allow traffic through to the internet.

Thanks, NP

1 Reply

a.kiprawih
Level 7

Hi,

I assume you have already defined the security level for each interface (sec0 for outside, sec100 for inside) and changed the status to active/up (use "no shut").

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a0080636f42.html

1) Configure PAT (single IP) or a range of public IPs, within the range assigned by your ISP, to be used by internal hosts to access the outside/internet.

PAT (single IP) can use either the outside interface IP or a single unassigned IP from the same subnet.

Example of PAT using outside interface IP:

global (outside) 1 interface

nat (inside) 1 10.1.3.0 255.255.255.0

Example of PAT using an unassigned IP (same subnet as the outside IP/public IP assigned by the ISP):

global (outside) 1 66.x.x.5

nat (inside) 1 10.1.3.0 255.255.255.0

OR if you have a range of IPs, use:

global (outside) 1 66.x.x.5-66.x.x.20 netmask <netmask> --> based on actual netmask

nat (inside) 1 10.1.3.0 255.255.255.0

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a008063b1fa.html#wp1042339

2) Make sure you have a route statement to reach the outside and inside interfaces.

Route to outside:

route outside 0.0.0.0 0.0.0.0 66.x.x.1 --> example if your internet router is .1

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a00806403ec.html

3) Optional - Additionally, apply ACL to control outbound traffic from internal hosts

ASA(config)# access-list INSIDE extended permit udp 10.1.3.0 255.255.255.0 any eq 53

ASA(config)# access-list INSIDE extended permit tcp 10.1.3.0 255.255.255.0 any eq 80

ASA(config)# access-list INSIDE extended permit tcp 10.1.3.0 255.255.255.0 any eq 8080

ASA(config)# access-group INSIDE in interface inside

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a0080637380.html

Rgds,

AK
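
The three steps in the reply above can be checked against a saved configuration before it is relied on. The following is an added example, not part of the reply and not a Cisco tool: the `audit` function and the sample configuration are constructed for illustration, and it only understands the `nat`/`global` syntax shown in the reply.

```python
# Constructed sample in the nat/global syntax used in the reply above;
# it deliberately contains the mistakes the checker looks for.
SAMPLE = """\
global (outside) 1 interface
nat (inside) 1 10.1.3.0 255.255.255.0
nat (inside) 2 10.1.4.0 255.255.255.0
route outside 0.0.0.0 0.0.0.0.0 66.x.x.1
access-list INSIDE extended permit ip 10.1.3.0 255.255.255.0 any eq 53
access-list INSIDE extended permit tcp 10.1.3.0 255.255.255.0 any eq 80
access-group INSIDE in interface inside
"""


def audit(config):
    """Return a list of findings for an ASA configuration given as text."""
    findings = []
    nat_ids, global_ids = set(), set()
    has_default_route = False
    for n, line in enumerate(config.splitlines(), 1):
        words = line.split()
        if len(words) < 3:
            continue
        if words[0] == "nat":
            nat_ids.add(words[2])        # nat (inside) <id> <net> <mask>
        elif words[0] == "global":
            global_ids.add(words[2])     # global (outside) <id> <pool>
        elif words[0] == "route" and len(words) >= 5:
            # "0" is the accepted shorthand for 0.0.0.0 in a route statement.
            if any(w != "0" and len(w.split(".")) != 4 for w in words[2:5]):
                findings.append(f"line {n}: malformed address in route statement")
            elif words[2:4] in (["0.0.0.0", "0.0.0.0"], ["0", "0"]):
                has_default_route = True
        elif words[0] == "access-list" and "eq" in words:
            # Port operators such as eq only apply to tcp or udp entries.
            action = [i for i, w in enumerate(words) if w in ("permit", "deny")]
            if action and words[action[0] + 1] not in ("tcp", "udp"):
                findings.append(f"line {n}: 'eq' used with protocol "
                                f"'{words[action[0] + 1]}' (needs tcp or udp)")
    nat_ids.discard("0")  # nat 0 is NAT exemption and needs no global pool
    for nat_id in sorted(nat_ids - global_ids):
        findings.append(f"nat id {nat_id} has no matching global statement")
    if not has_default_route:
        findings.append("no default route (route <if> 0.0.0.0 0.0.0.0 <gateway>)")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Once an access-group is applied to the inside interface, traffic not matched by a permit entry is dropped by the implicit deny at the end of the list, so the ACL check matters as much as the NAT and route checks.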
