Filter
Top Products
8
3 Configuring the Cisco ASA 5500 Series Adaptive Security
Appliance
This section describes the initial configuration of the adaptive security appliance. You can perform the
configuration steps using either the browser-based Cisco Adaptive Security Device Manager (ASDM)
or the command-line interface (CLI).
Note To use ASDM, you must have a DES license or a 3DES-AES license. For more information,
see Obtaining DES and 3DES/AES Encryption Licenses, page 52.
About the Factory Default Configuration
Cisco adaptive security appliances are shipped with a factory-default configuration that enables quick
startup. This configuration meets the needs of most small and medium business networking
environments. By default, the adaptive security appliance is configured as follows:
• The inside (GigabitEthernet0/1) interface is configured with a default DHCP address pool.
This configuration enables a client on the inside network to obtain a DHCP address from the
adaptive security appliance in order to connect to the appliance. Administrators can then
configure and manage the adaptive security appliance using ASDM.
• The outside (GigabitEthernet0/0) interface is used to connect to the public network and is
configured to deny all inbound traffic.
This configuration protects your inside network from unsolicited traffic.
Based on your network security policy, you should also consider configuring the adaptive security
appliance to deny all ICMP traffic through the outside interface or any other interface that is necessary.
You can configure this access control policy using the icmp command. For more information about the
icmp command, see the Cisco Security Appliance Command Reference.