Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

help configuring 5510

I just upgraded an ASA-5510 from 7.0 to 8.4.4-1 and theres a lot of stuff in it I don't recognize that I never added, mostly because of new network objects, nat commands, and other migration stuff. Its been awhile since I've configured the ASA and I think I'd like to start from scratch and clean it up a bit because theres so many lines for so little that I really need. I just think its sort of a mess right now so I was hoping someone could help me with the commands to do the following tasks.

I have a 5510 assigned an IP address on the outside interface with 3 inside interfaces and below are the only requirements I need.

Network-A (192.168.1.0/24)

   - incoming ssh port 2202 goes to node 192.168.1.2

   - incoming ssh port 2203 goes to node 192.168.1.3

   - handle incoming https (443) requests

   - handle incoming www (80) requests

   - cannot see Network-B or Network-C

Network-B (10.0.0.0/16)

   - ssh to nodes on Network-A

   - incoming ssh port 22 goes to node 10.0.0.20

Network-C (192.168.2.0/24)

   - ssh to nodes on Network-A

   - incoming ssh port 2210 goes to node 192.168.2.2

ASA-5510

   - sends logging to syslog node 192.168.1.3 on Network-A

   - there are DNS and NTP servers located outside

Any help much appreciated.

Everyone's tags (2)
1 REPLY
Cisco Employee

help configuring 5510

HI ,

this is a whole new installation with 8.4 . you will need to be aware of the folllowing :

-ASA 8.4 configuration guide ( it contains eveything from A to Z) .

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/asa_84_cli_config.html

- ASA 8.3 and later configuration example :

https://supportforums.cisco.com/docs/DOC-9129

it contains the config for pre 8.3 images and the corrosponding one in 8.3 and later images ( very useful link ).

- Finally remember to use the private ip address in your access-lists ( real ip address and not the translated one ).

HTH .

Mohammad.

327
Views
0
Helpful
1
Replies