ASA 5505 ASA 5510 small and medium-sized enterprises
5520 5540 5550 5580 large enterprises
ASA is a Cisco product, formerly called PIX.
650) this. width = 650; "src ="/e/u261/themes/default/images/spacer.gif "style =" background: url ("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center; border: 1px solid # ddd; "alt =" spacer.gif "/> 650) this. width = 650; "src ="/e/u261/themes/default/images/spacer.gif "style =" background: url ("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center; border: 1px solid # ddd; "alt =" spacer.gif "/>
ASA basic configuration command
Command name |
Mode |
Specific commands |
Modify firewall name |
Config # |
Hostname xxxx |
Configure a privileged password |
Config # |
Enable password xxxx |
Remote login password |
Config # |
Password xxxx |
Configuration interface name |
Config-if # |
Nameif xxxx |
Configure the interface security level |
Config-if # |
Ecurity-level xxxx (0-100) |
Basic configuration of the ASA ACL
Standard ACL |
Asa (config) # access-group acl_name {in | out} interface _ name |
Extended ACL |
Asa (config) # access-list acl_name [extended] {permit | deny} protocol src_ip_addr src_mask dst_ip_addr dst_mask [operator port] |
Apply the ACL to the interface |
Asa (config) # access-group acl_name {in | out} interface _ name |
Example: allow ICMP to pass through the firewall
Asa (config) # access-list 111 permit icmp any Asa (config) # access-group 111 in int outside |
Static routing
Asa (config) # route interface-name network mask next-hop-address |
Other commands
Command name |
Mode |
Specific commands |
Save the running config configuration |
Config # |
Asa # write memory or Asa # copy running-config startup-config |
Clear all running config configurations |
Config # |
Clear configure all |
Clear the configuration of the specified command in running config |
Config # |
Asa (config) # clear config configcommand [level2configcommand] For example, clear all ACLs. Clear configure access-list Clear specified ACL in_to_out Clear configure access-list in_to_out |
Delete the startup-config configuration file |
# |
Asa # write erase |
This article is from the "IT technology blog" blog, please be sure to keep this source http://xingxingxingxin.blog.51cto.com/4794205/1574200
Basic configuration commands of the ASA firewall