Cisco ASA 5505 User Manual

2-12

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 2 Getting Started

Factory Default Configurations

•

IP addresses— Outside address from DHCP; inside address set manually to 192.168.1.1/24.

•

Network Address Translation (NAT)—All inside IP addresses are translated when accessing the
outside using interface PAT.

•

Traffic flow—IPv4 and IPv6 traffic allowed from inside to outside (this behavior is implicit on the
ASA). Outside users are prevented from accessing the inside.

•

DHCP server—Enabled for inside hosts, so a PC connecting to the inside interface receives an
address between 192.168.1.5 and 192.168.1.254. DNS, WINS, and domain information obtained
from the DHCP client on the outside interface is passed to the DHCP clients on the inside interface.

•

Default route—Derived from DHCP.

•

ASDM access—Inside hosts allowed.

Figure 2-1

shows the traffic flow for an ASA 5505 in routed mode.

Figure 2-1

ASA 5505 Routed Mode

The configuration consists of the following commands:

interface Ethernet 0/0

switchport access vlan 2

no shutdown

interface Ethernet 0/1

switchport access vlan 1

no shutdown

interface Ethernet 0/2

switchport access vlan 1

no shutdown

interface Ethernet 0/3

switchport access vlan 1

no shutdown

interface Ethernet 0/4

switchport access vlan 1

no shutdown

interface Ethernet 0/5

switchport access vlan 1

no shutdown

interface Ethernet 0/6

switchport access vlan 1

192.168.1.5
(from ASA DHCP)

inside VLAN 1 (Ethernet 0/1-0/7)
192.168.1.1

ASDM

Internet Gateway Router

outside VLAN 2 (Ethernet 0/0)
(from router DHCP)

Internet

IP traffic

outside interface

PAT

330618