04 May, 2015

ASA Device Manager (ASDM) Management and Syslog


ASA(config)# show mode
Security context mode: single
ASA(config)# show firewall
Firewall mode: Router

! Configure interfaces Gi0, Gi1 and Gi3
ASA(config)# in g 1
ASA(config-if)# no shu
ASA(config-if)# nameif inside
ASA(config-if)# ip address 10.0.0.254 255.255.255.0
ASA(config-if)# security-level 100
ASA(config-if)# ping 10.0.0.1
!!!!!

ASA# show ip
System IP Addresses:
Interface                Name                   IP address      Subnet mask     Method
GigabitEthernet0         ouside                 192.168.0.254   255.255.255.0   manual
GigabitEthernet1         inside                 10.0.0.254      255.255.255.0   manual
GigabitEthernet2         dmz                    20.0.0.254      255.255.255.0   manual

ASA# show nameif
Interface                Name                     Security
GigabitEthernet0         ouside                     0
GigabitEthernet1         inside                   100
GigabitEthernet2         dmz                       50

! Configuration to support ASDM
ASA(config)# http server enable
ASA(config)# http 192.168.0.0 255.255.255.0 ouside
ASA(config)# http 0 0 ouside ! (Permit Any IP)
ASA(config)# username admin password cisco priv 15

ASA(config)# show flash: | in asdm
   89  18927088    May 04 2015 13:48:32  asdm-649.bin

ASA(config)# asdm image flash:/asdm-649.bin


! Configure OSPF in the ASDM GUI

! After applying the config, check it from the CLI
ASA(config)# show run router
!
router ospf 1
 network 10.0.0.254 255.255.255.255 area 0
 network 20.0.0.254 255.255.255.255 area 0
 network 192.168.0.254 255.255.255.255 area 0
 area 0
!

! Check R1 OSPF Process
R1#show ip route ospf
O        2.2.2.2 [110/12] via 10.0.0.254, 00:49:46, FastEthernet0/0
O        3.3.3.3 [110/12] via 10.0.0.254, 00:49:46, FastEthernet0/0
O        20.0.0.0 [110/11] via 10.0.0.254, 00:49:46, FastEthernet0/0
O     192.168.0.0/24 [110/11] via 10.0.0.254, 00:49:46, FastEthernet0/0

R1#tel 3.3.3.3
Trying 3.3.3.3 ... Open
R3>

R1#tel 2.2.2.2
Trying 2.2.2.2 ... Open
R2>

ASA(config)# show conn all
7 in use, 14 most used
OSPF ouside 224.0.0.5 NP Identity Ifc192.168.0.254, idle 0:00:03, bytes 1540
OSPF dmz 224.0.0.5 NP Identity Ifc20.0.0.254, idle 0:00:04, bytes 1900
OSPF inside 224.0.0.5 NP Identity Ifc10.0.0.254, idle 0:00:02, bytes 1364
TCP ouside 192.168.0.100:49194 NP Identity Ifc 192.168.0.254:443, idle 0:00:00, bytes 409853, flags UOB  ! (ASDM Connection)
OSPF inside 10.0.0.1 NP Identity Ifc224.0.0.5, idle 0:00:01, bytes 2120
OSPF ouside 192.168.0.3 NP Identity Ifc224.0.0.5, idle 0:00:03, bytes 2040
OSPF dmz 20.0.0.2 NP Identity Ifc224.0.0.5, idle 0:00:09, bytes 2104

ASA(config)# show route | in O
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       * - candidate default, U - per-user static route, o - ODR
O    1.1.1.1 255.255.255.255 [110/11] via 10.0.0.1, 0:51:26, inside
O    2.2.2.2 255.255.255.255 [110/11] via 20.0.0.2, 0:51:26, dmz
O    3.3.3.3 255.255.255.255 [110/11] via 192.168.0.3, 0:51:26, ouside


ASA(config)# ping 1.1.1.1
!!!!!
ASA(config)# ping 2.2.2.2
!!!!!
ASA(config)# ping 3.3.3.3
!!!!!

! Enable/Disable Log Message by Number.

ASA(config)# logging on
ASA(config)# logging console 7
ASA(config)# show arp
        inside 10.0.0.1 ca00.0510.0008 6054
        dmz 20.0.0.2 ca03.0840.0008 3831
        ouside 192.168.0.100 0200.4c4f.4f50 1
        ouside 192.168.0.3 ca06.0840.0008 2239
%ASA-7-111009: User 'enable_15' executed cmd: show arp

ASA(config)# no logging message 111009
Or

ASA(config)# show arp
        inside 10.0.0.1 ca00.0510.0008 6152
        dmz 20.0.0.2 ca03.0840.0008 3928
        ouside 192.168.0.100 0200.4c4f.4f50 18
        ouside 192.168.0.3 ca06.0840.0008 2336
! No log message is generated
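
! Added example, not part of the original lab notes: a Python audit of a saved configuration that flags two settings from this lab worth reviewing, ASDM open to any source (http 0 0 ouside) and a suppressed command-audit message (no logging message 111009).
! The sample configuration, the function names and the list of audit message IDs are assumptions of this example.

```python
import re

# Constructed sample: this lab's management and logging lines as they would
# appear in "show run" (assumed rendering, not captured from a device).
SAMPLE_CONFIG = """\
interface GigabitEthernet0
 nameif ouside
 security-level 0
interface GigabitEthernet1
 nameif inside
 security-level 100
http server enable
http 192.168.0.0 255.255.255.0 ouside
http 0.0.0.0 0.0.0.0 ouside
logging console debugging
no logging message 111009
"""

# Syslog IDs that record executed commands; the choice of IDs is this example's.
AUDIT_IDS = {"111008": "executed command", "111009": "executed show command"}
ANY = {"0", "0.0.0.0"}  # both spellings of "any" accepted by the http command

def interface_levels(config):
    """Map each nameif to the security-level configured under its interface."""
    levels, name = {}, None
    for line in map(str.strip, config.splitlines()):
        if line.startswith("interface "):
            name = None
        elif m := re.fullmatch(r"nameif (\S+)", line):
            name = m.group(1)
        elif (m := re.fullmatch(r"security-level (\d+)", line)) and name:
            levels[name] = int(m.group(1))
    return levels

def audit(config):
    """Return findings for open ASDM access and suppressed audit messages."""
    levels, findings = interface_levels(config), []
    for line in map(str.strip, config.splitlines()):
        if m := re.fullmatch(r"http (\S+) (\S+) (\S+)", line):
            net, mask, ifname = m.groups()
            if net in ANY and mask in ANY:
                level = levels.get(ifname, "unknown")
                findings.append(f"ASDM open to any source on {ifname} (security-level {level})")
        elif (m := re.fullmatch(r"no logging message (\d+)", line)) and m.group(1) in AUDIT_IDS:
            findings.append(f"syslog {m.group(1)} ({AUDIT_IDS[m.group(1)]}) is suppressed")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```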