CISCO ASA

Image retrieved from cisco.com

Open source ? or commercial product? I believe they have pros and cons respectively. PfSense is working perfect as a centralized firewall includes almost everything but need more computing power when it deals with massive network traffic. Cisco ASA series are robust and fast, but expensive. So, maybe mid-range companies or organizations might prefer to use pfSense and big companies seem to use legacy bare-bone firewalls. Anyways it would be better for us to use both side of firewalls and compare its functions together.

Factory reset

Boot up then push esc key few times
rmmon #0>confreg
select no
rmmon #1>confreg 0x41
rmmon #2>boot
ciscoasa>
ciscoasa>enable
blank password
ciscoasa#write erase
ciscoasa#configure terminal
ciscoasa(config)# config-register 0x01
ciscoasa(config)# exit
ciscoasa#show version
ciscoasa#write
ciscoasa#reload
login with blank password
ciscoasa(config)#configure factory-default

Setting up ASDM

#enable password mypassword
#show disk0: (to check asdm bin)
ciscoasa(config)#asdm image disk0:/asdm-xxx.bin
ciscoasa(config)#username sysadmin password mypassword privilege 15 ciscoasa(config)#aaa authentication http console LOCAL
ciscoasa(config)#http server enable 443

We should also install the JRE since ADSM is running on JAVA
Then add JRE path on system environment variables.

Then we can just start making initial configuration for physical ethernet ports. These are might be wan, management, dmz1 or dmz2 depending on purposes, but I would like to say we need to check consoles and GUI together to make sure that configurations are well synchronized.  We can add up Cisco routers or switches to expand or isolate traffics.

Leave a Reply

Your email address will not be published. Required fields are marked *