Solved: PIX 515 Help - Page 2

harrisgirls · ‎03-16-2011

Hello,

I've just got my hands on a Cisco PIX 515.

I mainly brought it too learn and play with, i done some cisco stuff in the past but not much.

I just need too get this up and running with a IP Address on ethernet1 (192.168.1.254) but when I run the command "nameif ethernet1 inside security100" in enable mode all I keep getting is ERROR % Invaild input detected at '' maker.

Any help would be great!

PAUL GILBERT ARIAS · ‎03-16-2011

both interfaces are down. You are connecting to which interface?

The inside interface is admin down so you missed the command "no shutdown" inside the interface you called inside.

Also you need the command "asdm image flash:asdm-61551.bin"

The outside interface is down so I guess you have nothing connected to it.

harrisgirls · ‎03-16-2011

I am connected too ethernet1 (192.168.1.250)

PAUL GILBERT ARIAS · ‎03-16-2011

ok good. that is the interface that needs the command "no shutdown"

interface e1

no shutdown

exit

write memory

harrisgirls · ‎03-16-2011

i've applied command no shutdown and the interface has come up

harrisgirls · ‎03-16-2011

Okay thank you.

I am going too see if I can configure this from PDM now............

So I may be back!

PAUL GILBERT ARIAS · ‎03-16-2011

great. Now, if you added the asdm image command I sent you before you should be able to connect to the ASDM. Open a browser and type https://192.168.1.250

If you don't have any username just continue without any user.

harrisgirls · ‎03-16-2011

Im on there atm.

im more used too watchguard firewalls but I need to learn cisco!!

Just another thing, I've changed the outside interface too my external IP from my ISP, where can I input my ISP Gateway and ISP DNS either via CLI or PDM?

PAUL GILBERT ARIAS · ‎03-16-2011

if you already configured the external interface you can configure the gateway using the command "route outside 0 0

For the DNS try the following:

dns server-group DefaultDNS

name-server

It is not very needed the DNS on the ASA.

harrisgirls · ‎03-16-2011

Gateway entry works.

DNS gives me this:

ERROR: DNS must be first enabled

PAUL GILBERT ARIAS · ‎03-16-2011

sorry, for your version the command is different.

dns-server value 1.1.1.1

http://www.cisco.com/en/US/partner/docs/security/asa/asa80/command/reference/d2.html#wp1909146

Like I said, that command is not very useful

harrisgirls · ‎03-16-2011

Many thanks, that inputted fine,

i'll go swap the old watchguard out and plum this in and see what happens.

I will be back!

PAUL GILBERT ARIAS · ‎03-16-2011

correction, please try:

dns domain-lookup outside

dns name-server 4.2.2.2

That is an example

If that works and things are all clear remember to mark the question as answered.

harrisgirls · ‎03-16-2011

I am back.

I didnt get no internet, i have attached a screenshot of the log

PAUL GILBERT ARIAS · ‎03-16-2011

you have no IP on the outside interface. Do you get the IP by DHCP? Are you connected to a cable modem? try restarting the modem.

As soon as you get an IP on the outside interface you should also check that you have NAT configured.

The basic NAT is:

nat (inside) 1 0 0

global (outside) 1 interface

harrisgirls · ‎03-16-2011

I get a static IP from my ISP.

let me check...........may not of SAVED it.

I am connected too a modem.