Quick Start Guide
Page 2
...169; 1981, Regents of the University of Cisco Systems, Inc. Cisco ASA 5500 Series Quick Start Guide © 2011 Cisco Systems, Inc. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY ...LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. All rights reserved. and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco...
...169; 1981, Regents of the University of Cisco Systems, Inc. Cisco ASA 5500 Series Quick Start Guide © 2011 Cisco Systems, Inc. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY ...LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. All rights reserved. and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco...
Quick Start Guide
Page 30
... Ethernet (a license may be required) or an SFP module for more information. 300016 1 2 SFP1 SFP0 7 6 5 4 3 2 1 0 1 MGMT 0 0 1 USB PWR BOOT ALARM ACT VPN PS1 PS0 HDD1 HDD0 AUX CONSOLE RESET SFP1 SFP0 7 6 5 4 3 2 1 0 1 MGMT 0 0 1 USB PWR BOOT ALARM ACT VPN PS1 PS0 HDD1 HDD0 AUX CONSOLE RESET 3 Management PC Unsecure Network Secure Network Cisco ASA 5580 Series...
... Ethernet (a license may be required) or an SFP module for more information. 300016 1 2 SFP1 SFP0 7 6 5 4 3 2 1 0 1 MGMT 0 0 1 USB PWR BOOT ALARM ACT VPN PS1 PS0 HDD1 HDD0 AUX CONSOLE RESET SFP1 SFP0 7 6 5 4 3 2 1 0 1 MGMT 0 0 1 USB PWR BOOT ALARM ACT VPN PS1 PS0 HDD1 HDD0 AUX CONSOLE RESET 3 Management PC Unsecure Network Secure Network Cisco ASA 5580 Series...
Quick Start Guide
Page 34
...license, or you set: • Hostname • Domain name • Administrative passwords • Interfaces • IP addresses • Address translation rules 300021 To run the Startup Wizard, perform the following steps: Step 1 In the main ASDM window, choose Wizards > Startup Wizard. Step 2 Step 3 Follow the instructions in the window.) Cisco ASA... 5580 Series Quick Start Guide 6-2 78-19753-01 Running the Startup Wizard in ASDM Chapter 6 Configuring the ASA Running the Startup Wizard in ASDM Run the Startup Wizard...
...license, or you set: • Hostname • Domain name • Administrative passwords • Interfaces • IP addresses • Address translation rules 300021 To run the Startup Wizard, perform the following steps: Step 1 In the main ASDM window, choose Wizards > Startup Wizard. Step 2 Step 3 Follow the instructions in the window.) Cisco ASA... 5580 Series Quick Start Guide 6-2 78-19753-01 Running the Startup Wizard in ASDM Chapter 6 Configuring the ASA Running the Startup Wizard in ASDM Run the Startup Wizard...
Quick Start Guide
Page 39
... in ASDM to configure these additional features: • High Availability and Scalability Wizard Configure active/active or active/standby failover, or VPN cluster load balancing. • Unified Communications Wizard Configure a proxy on each of the ingress and egress interfaces. See the CLI... capture on the ASA for remote access or business-to-business communications. (Special licenses may apply. Related Documentation To access all documents related to this product, go to: http://www.cisco.com/en/US/docs/security/asa/roadmap/asaroadmap.html 78-19753-01 Cisco ASA 5580 Series Quick ...
... in ASDM to configure these additional features: • High Availability and Scalability Wizard Configure active/active or active/standby failover, or VPN cluster load balancing. • Unified Communications Wizard Configure a proxy on each of the ingress and egress interfaces. See the CLI... capture on the ASA for remote access or business-to-business communications. (Special licenses may apply. Related Documentation To access all documents related to this product, go to: http://www.cisco.com/en/US/docs/security/asa/roadmap/asaroadmap.html 78-19753-01 Cisco ASA 5580 Series Quick ...
Getting Started Guide
Page 2
..., Cisco Explorer, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco TrustSec, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are service marks; THE SOFTWARE LICENSE AND LIMITED WARRANTY...
..., Cisco Explorer, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco TrustSec, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are service marks; THE SOFTWARE LICENSE AND LIMITED WARRANTY...
Getting Started Guide
Page 9
Contents 15 C H A P T E R A A P P E N D I X Configuring the 4GE SSM for Fiber 15-1 Cabling 4GE SSM Interfaces 15-2 Setting the 4GE SSM Media Type for Fiber Interfaces (Optional) 15-3 What to Do Next 15-5 Obtaining a 3DES/AES License A-1 78-19186-01 Cisco ASA 5500 Series Getting Started Guide ix
Contents 15 C H A P T E R A A P P E N D I X Configuring the 4GE SSM for Fiber 15-1 Cabling 4GE SSM Interfaces 15-2 Setting the 4GE SSM Media Type for Fiber Interfaces (Optional) 15-3 What to Do Next 15-5 Obtaining a 3DES/AES License A-1 78-19186-01 Cisco ASA 5500 Series Getting Started Guide ix
Getting Started Guide
Page 16
Related Documents Chapter 1 Before You Begin • Cisco ASA 5500 Series Command Reference • Cisco ASA 5500 Series Configuration Guide using the CLI • Cisco ASA 5500 Series System Log Messages • Migrating to ASA for VPN 3000 Series Concentrator Administrators • Cisco Secure Desktop Configuration Guide for Cisco ASA 5500 Series Administrators • Open Source Software Licenses for ASA and PIX Security Appliances Cisco ASA 5500 Series Getting Started Guide 1-6 78-19186-01
Related Documents Chapter 1 Before You Begin • Cisco ASA 5500 Series Command Reference • Cisco ASA 5500 Series Configuration Guide using the CLI • Cisco ASA 5500 Series System Log Messages • Migrating to ASA for VPN 3000 Series Concentrator Administrators • Cisco Secure Desktop Configuration Guide for Cisco ASA 5500 Series Administrators • Open Source Software Licenses for ASA and PIX Security Appliances Cisco ASA 5500 Series Getting Started Guide 1-6 78-19186-01
Getting Started Guide
Page 81
... Cisco ASA 5500 Series Getting Started Guide 7-9 Configure the adaptive security appliance to deny. Set the IP address to 0.0.0.0, the netmask to 0.0.0.0, and Action to protect a DMZ web server Chapter 8, "Scenario: DMZ Configuration" Configure the adaptive security appliance for remote-access VPN Chapter 9, "Scenario: IPsec Remote-Access VPN Configuration" Configure the adaptive security appliance for SSL...
... Cisco ASA 5500 Series Getting Started Guide 7-9 Configure the adaptive security appliance to deny. Set the IP address to 0.0.0.0, the netmask to 0.0.0.0, and Action to protect a DMZ web server Chapter 8, "Scenario: DMZ Configuration" Configure the adaptive security appliance for remote-access VPN Chapter 9, "Scenario: IPsec Remote-Access VPN Configuration" Configure the adaptive security appliance for SSL...
Getting Started Guide
Page 173
...-19186-01 Note The first time you log in the dictionary. Connected to change the default password. login: cisco Password: Last login: Fri Sep 2 06:21:20 from the ASA 5500 series adaptive security appliance to import, export, distribute or use . Importers, exporters, distributors and users are... U.S. Passwords must be found at least eight characters long and not a word in to the AIP SSM, you agree to export@cisco.com. ***LICENSE NOTICE*** Cisco ASA 5500 Series Getting Started Guide 13-7 Escape character sequence is subject to comply with U.S. Delivery of U.S.
...-19186-01 Note The first time you log in the dictionary. Connected to change the default password. login: cisco Password: Last login: Fri Sep 2 06:21:20 from the ASA 5500 series adaptive security appliance to import, export, distribute or use . Importers, exporters, distributors and users are... U.S. Passwords must be found at least eight characters long and not a word in to the AIP SSM, you agree to export@cisco.com. ***LICENSE NOTICE*** Cisco ASA 5500 Series Getting Started Guide 13-7 Escape character sequence is subject to comply with U.S. Delivery of U.S.
Getting Started Guide
Page 174
... of software), you can install the license key at the current signature level until you identify one of the AIP SSM, enter the following steps: Step 1 Step 2 To run the setup utility for Cisco Intrusion Prevention System 13-8 Cisco ASA 5500 Series Getting Started Guide 78-19186...-01 Configuring the Security Policy on the system. If you see the "Sessioning to the AIP SSM, see the preceding license notice (which determines how to inspect traffic...
... of software), you can install the license key at the current signature level until you identify one of the AIP SSM, enter the following steps: Step 1 Step 2 To run the setup utility for Cisco Intrusion Prevention System 13-8 Cisco ASA 5500 Series Getting Started Guide 78-19186...-01 Configuring the Security Policy on the system. If you see the "Sessioning to the AIP SSM, see the preceding license notice (which determines how to inspect traffic...
Getting Started Guide
Page 188
...setup wizard to the CSC SSM for scanning. These steps are as follows: 1. This section includes the following URL: http://www.cisco.com/go/license 14-6 Cisco ASA 5500 Series Getting Started Guide 78-19186-01 Use the PAK to register the CSC SSM at this document, at the following ...topics: • Obtain Software Activation Key from Cisco.com, page 14-6 • Gather Information, page 14-7 • Verify Time Settings, page 14-7 ...
...setup wizard to the CSC SSM for scanning. These steps are as follows: 1. This section includes the following URL: http://www.cisco.com/go/license 14-6 Cisco ASA 5500 Series Getting Started Guide 78-19186-01 Use the PAK to register the CSC SSM at this document, at the following ...topics: • Obtain Software Activation Key from Cisco.com, page 14-6 • Gather Information, page 14-7 • Verify Time Settings, page 14-7 ...
Getting Started Guide
Page 189
...appliance management interface can complete the procedure described in the "Run the CSC Setup Wizard" section on the CSC SSM and for licensing, because licenses are required before you will receive activation keys by the hosts used to be used for the CSC SSM • DNS ...mail address to run ASDM. The activation keys are time sensitive. 78-19186-01 Cisco ASA 5500 Series Getting Started Guide 14-7 Gather Information Before you completed the Startup Wizard, described in Appendix A, "Obtaining a 3DES/AES License." IP address and port number of an SMTP server • IP addresses of...
...appliance management interface can complete the procedure described in the "Run the CSC Setup Wizard" section on the CSC SSM and for licensing, because licenses are required before you will receive activation keys by the hosts used to be used for the CSC SSM • DNS ...mail address to run ASDM. The activation keys are time sensitive. 78-19186-01 Cisco ASA 5500 Series Getting Started Guide 14-7 Gather Information Before you completed the Startup Wizard, described in Appendix A, "Obtaining a 3DES/AES License." IP address and port number of an SMTP server • IP addresses of...
Getting Started Guide
Page 190
...verify the NTP configuration. You can enter the activation code for the Plus license after the initial configuration of the CSC Setup Wizard, enter the product activation codes for the Base license and if applicable, for Content Security Chapter 14 Configuring the CSC SSM To...Micro Content Security > Wizard Setup > Launch Wizard Setup. The CSC Setup Wizard screen appears. Scenario: Security Appliance with CSC SSM Deployed for the Plus license. In ASDM, choose Configuration > Device Setup > System Time > Clock. • If you control time settings manually, verify the clock settings. In...
...verify the NTP configuration. You can enter the activation code for the Plus license after the initial configuration of the CSC Setup Wizard, enter the product activation codes for the Base license and if applicable, for Content Security Chapter 14 Configuring the CSC SSM To...Micro Content Security > Wizard Setup > Launch Wizard Setup. The CSC Setup Wizard screen appears. Scenario: Security Appliance with CSC SSM Deployed for the Plus license. In ASDM, choose Configuration > Device Setup > System Time > Clock. • If you control time settings manually, verify the clock settings. In...
Getting Started Guide
Page 199
...SSM What to Do Next By default, the CSC SSM is also configured to the license that you can create custom settings for URL blocking and URL filtering, as well as Cisco Content Security and Control advanced security policies SSM Administrator Guide Configure additional CSC SSM ASDM... online help features in ASDM, including content filtering Optimize performance for the AIP Cisco ASA 5500 Series Configuration SSM and CSC SSM by creating more information, see the Cisco Content Security and Control SSM Administrator Guide. For more Guide using the CLI efficient service ...
...SSM What to Do Next By default, the CSC SSM is also configured to the license that you can create custom settings for URL blocking and URL filtering, as well as Cisco Content Security and Control advanced security policies SSM Administrator Guide Configure additional CSC SSM ASDM... online help features in ASDM, including content filtering Optimize performance for the AIP Cisco ASA 5500 Series Configuration SSM and CSC SSM by creating more information, see the Cisco Content Security and Control SSM Administrator Guide. For more Guide using the CLI efficient service ...
Getting Started Guide
Page 207
... appliance within two hours of Cisco.com, go /license If you are not a registered user of requesting the license upgrade. You need an encryption license key to the following website: http://www.cisco.com/go to enable this license. You can obtain a 3DES-AES license that provides encryption. A A P P E N D I X Obtaining a 3DES/AES License The Cisco ASA 5500 series adaptive security appliance...
... appliance within two hours of Cisco.com, go /license If you are not a registered user of requesting the license upgrade. You need an encryption license key to the following website: http://www.cisco.com/go to enable this license. You can obtain a 3DES-AES license that provides encryption. A A P P E N D I X Obtaining a 3DES/AES License The Cisco ASA 5500 series adaptive security appliance...
Getting Started Guide
Page 208
.... Enters global configuration mode. The activation-5-tuple-key variable is a five-element hexadecimal string with your new license. Cisco ASA 5500 Series Getting Started Guide A-2 78-19186-01 Saves the configuration. Appendix A Obtaining a 3DES/AES License To use the activation key, perform the following steps: Step 1 Command hostname# show version Step 2 Step...-key Step 4 Step 5 Step 6 hostname(config)# exit hostname# copy running-config startup-config hostname# reload Purpose Shows the software release, hardware configuration, license key, and related uptime data.
.... Enters global configuration mode. The activation-5-tuple-key variable is a five-element hexadecimal string with your new license. Cisco ASA 5500 Series Getting Started Guide A-2 78-19186-01 Saves the configuration. Appendix A Obtaining a 3DES/AES License To use the activation key, perform the following steps: Step 1 Command hostname# show version Step 2 Step...-key Step 4 Step 5 Step 6 hostname(config)# exit hostname# copy running-config startup-config hostname# reload Purpose Shows the software release, hardware configuration, license key, and related uptime data.