29 September, 2014

CCP and ASDM, ASA Configurations

Basic ASA Configurations

 *** Install ASDM on ASA
ciscoasa#configure terminal
ciscoasa(config)# interface gi 1 
ciscoasa(config-if)# ip address 192.168.99.2 255.255.255.0
ciscoasa(config-if)# nameif inside
ciscoasa(config-if)# no shutdown
ciscoasa(config-if)# end

 ciscoasa# copy tftp: flash:
Address or name of remote host ? 192.168.99.1
Source filename ? asdm.bin
Destination filename [asdm.bin]?
Accessing tftp://192.168.99.1/asdm.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
15841428 bytes copied in 38.300 secs (416879 bytes/sec)

 ciscoasa# show flash: | in asdm
   48  15841428    Sep 28 2014 13:03:20  asdm.bin

 ciscoasa(config)# asdm image flash:asdm.bin
ciscoasa(config)# http server enable
ciscoasa(config)# http 192.168.99.0 255.255.255.0 inside
ciscoasa(config)# username admin password cisco privilege 15
ciscoasa(config)# exit
ciscoasa# write memory

 *** Configure SSH Access
ciscoasa(config)# hostname ASA
ASA(config)# domain-name ITTSM.BLOGSPOT.COM
ASA(config)# enable password Cisco
ASA(config)# username admin password cisco privilege 15
ASA(config)# crypto key generate rsa general-keys
ASA(config)# ssh version 2
ASA(config)# aaa authentication ssh console LOCAL

 ! Test from Outside access
login as: admin
admin@192.168.100.250's password:
Type help or '?' for a list of available commands.
ASA> en
Password: *****

 ASA# show ssh sessions
SID Client IP       Version Mode Encryption Hmac     State            Username
0   192.168.100.2   2.0     IN   aes256-cbc sha1     SessionStarted   admin
                            OUT  aes256-cbc sha1     SessionStarted   admin

 *** Install and Configure CCP
Download CCP From Cisco Web Site.
! How to run correctly 
You need:
1. Flash Player 10 or above
2. JAVA
3. Updated IE (With support JAVA)
4. Min 1 GB RAM Memory
5. Configured Device for accept CCP Session.

 ! Configure Cisco to run CCP 

 R1#configure terminal
R1(config)#username admin secret cisco privilege 15
R1(config)#ip http server
R1(config)#ip http secure-server
R1(config)#ip http authentication local

 *** Configure Default route on ASA
ciscoasa(config)# route outside 0.0.0.0 0.0.0.0 192.168.100.1
ciscoasa# ping 8.8.8.8
Sending 5, !!!!!  Success rate is 100 percent (5/5)
At
Tags:: , , ,