Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

Cisco ASA 5510

  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco ASA 5510

    hi guys

    we have bought a new Cisco ASA 5510 and i dont know anything about configuring this device. i have configured pix 501 but not ASA 5510.

    is there anyone can give me a sample configuration about this device?

    i must configure it in the shortest time and install it to our customer.

    thanks alot

  • #2
    Re: Cisco ASA 5510

    Hello & Thanks for the question.

    There are a lot of sample configs on the Cisco ASA/PIX Configuration examples website:

    Is there something specific you are having trouble with?

    Have you tried the GUI interface?

    David Davis - Petri Forums Moderator & Video Training Author
    Train Signal - The Global Leader in IT Video Training - Free IT Training Products
    Personal Websites: &


    • #3
      Re: Cisco ASA 5510

      hi this is my configuration. my compnay has got an application which is based on web. it uses 4080 port number. for exmaple when i type http://abc.def:4080 to the browse i can reach to the application when i dont use Cisco ASA. but when i install Cisco ASA to my network system i cant reach the application.
      i did the routing on the ASA but still it doesnt work. and i cannot conenct by remote desktop to my server.
      please help me about this problem.

      thanks alot

      asdm image disk0:/asdm506.bin
      asdm location inside
      no asdm history enable
      : Saved
      ASA Version 7.0(6)
      hostname ciscoasa
      domain-name mncicek
      enable password 8Ry2YjIyt7RRXU24 encrypted
      interface Ethernet0/0
      nameif outside
      security-level 0
      ip address
      interface Ethernet0/1
      nameif inside
      security-level 1
      ip address
      interface Ethernet0/2
      no nameif
      no security-level
      no ip address
      interface Management0/0
      nameif management
      security-level 100
      ip address
      passwd 2KFQnbNIdI.2KYOU encrypted
      ftp mode passive
      access-list outside_access_in extended permit tcp any eq 3389 host eq 3389
      access-list outside_access_in extended permit tcp any eq 4080 host eq 4080
      access-list outside_access_in extended permit tcp any eq www host eq www
      access-list outside_access_in extended permit tcp any eq ftp host eq ftp
      access-list outside_access_in extended permit tcp any eq pptp host eq pptp
      pager lines 24
      logging asdm informational
      mtu management 1500
      mtu inside 1500
      mtu outside 1500
      asdm image disk0:/asdm506.bin
      no asdm history enable
      arp timeout 14400
      global (outside) 10 interface
      nat (inside) 10
      access-group outside_access_in in interface outside
      route outside 1
      timeout xlate 3:00:00
      timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
      timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
      timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
      timeout uauth 0:05:00 absolute
      http server enable
      http management
      no snmp-server location
      no snmp-server contact
      snmp-server enable traps snmp authentication linkup linkdown coldstart
      telnet timeout 5
      ssh timeout 5
      console timeout 0
      dhcpd address management
      dhcpd address inside
      dhcpd dns
      dhcpd lease 7200
      dhcpd ping_timeout 50
      dhcpd enable management
      dhcpd enable inside
      class-map inspection_default
      match default-inspection-traffic
      policy-map global_policy
      class inspection_default
      inspect dns maximum-length 512
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny
      inspect sunrpc
      inspect xdmcp
      inspect sip
      inspect netbios
      inspect tftp
      service-policy global_policy global
      : end
      Last edited by mncicek; 20th March 2007, 09:17.


      • #4
        Re: Cisco ASA 5510

        just a wild guess for what i know about cisco acl's.

        try changing the ACL from:
        access-list outside_access_in extended permit tcp any eq 4080 host eq 4080
        access-list outside_access_in extended permit tcp any host eq 4080
        Why? You added a source portnumber with the original acl.
        Most often, this is random.
        Technical Consultant

        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
        "No matter how secure, there is always the human factor."

        "Enjoy life today, tomorrow may never come."
        "If you're going through hell, keep going. ~Winston Churchill"