Cisco ASA 5505 User Manual download pdf (Page 70)

Home
Cisco
Hardware
ASA 5505
User Manual

Download
Share

Sharing
Add to my manuals
Print

1 2 ... 65 66 67 68 69 70 71 72 73 74 75 ... 198 199

Guide using the CLI 1
CONTENTS 3
2 Getting Started 2-1 4
3 Configuring Interfaces 8
Contents 10
4 Configuring Basic Settings 11
11 Configuring DHCP 11-1 12
13 Configuring Objects 13-1 12
6 Configuring IP Routing 16
21 Routing Overview 21-1 16
23 Defining Route Maps 23-1 17
24 Configuring OSPF 24-1 17
25 Configuring RIP 25-1 18
27 Configuring EIGRP 27-1 19
29 Information About NAT 29-1 21
31 Configuring Twice NAT 31-1 22
9 Configuring Access Control 24
54 Configuring QoS 54-1 39
14 Configuring Modules 41
16 Configuring VPN 46
77 Configuring Logging 77-1 57
79 Configuring SNMP 79-1 58
18 System Administration 60
82 Troubleshooting 82-1 61
19 Reference 62
About This Guide 65
Conventions 66
Getting Started with the ASA 69
VPN Specifications 71
New Features 71
Released: February 28, 2012 72
AAA Features 73
Released: October 31, 2012 74
• Secondary subnets 75
Remote Access Features 75
Monitoring Features 75
Released: June 18, 2012 76
New Features 78
Released: January 9, 2012 79
Troubleshooting Features 81
Released: June 20, 2011 82
Released: May 23, 2011 86
Interface Features 88
Routing Features 88
Released: January 31, 2011 89
Inspection Features 93
Firewall Functional Overview 94
Applying QoS Policies 96
Enabling Threat Detection 96
Firewall Mode Overview 97
Stateful Inspection Overview 97
VPN Functional Overview 98
Security Context Overview 99
Security Context Overview 100
Getting Started 101
Detailed Steps 103
Examples 105
Starting ASDM 106
Starting ASDM 107
Using ASDM in Demo Mode 109
Limitations 111
Saving Configuration Changes 116
Viewing the Configuration 118
Managing Feature Licenses 121
ASA 5505 122
ASA 5510 123
ASA 5520 124
ASA 5540 125
ASA 5550 126
ASA 5580 127
ASA 5512-X 128
ASA 5515-X 128
ASA 5525-X 129
ASA 5545-X 130
ASA 5555-X 131
ASA 5585-X with SSP-10 132
ASA 5585-X with SSP-20 133
General Licenses 134
Firewall Licenses 134
VPN Licenses 135
License Notes 136
Mobile Posture Support 137
Preinstalled License 141
Permanent License 141
Time-Based Licenses 141
Stacking Time-Based Licenses 143
Time-Based License Expiration 143
Failover and Shared Licenses 145
How Failover Licenses Combine 148
No Payload Encryption Models 150
Licenses FAQ 150
Configuring Licenses 152
Obtaining an Activation Key 153
Limitations and Restrictions 154
Configuring a Shared License 155
Monitoring Licenses 158
Monitoring the Shared License 164
Feature History for Licensing 166
Configuring the Firewall Mode 173
Transparent Firewall Network 174
Bridge Groups 174
Allowing Layer 3 Traffic 175
Allowed MAC Addresses 175
BPDU Handling 176
MAC Address vs. Route Lookups 176
Setting the Firewall Mode 180
Configuring ARP Inspection 183
Monitoring ARP Inspection 184
Firewall 185
Adding a Static MAC Address 187
Firewall Mode Examples 189
Figure 4-3 Inside to Outside 190
Firewall Mode Examples 191
Figure 4-6 Outside to Inside 193
Figure 4-7 DMZ to Inside 194
Figure 4-12 Outside to Inside 199
Context Configuration Files 202
Valid Classifier Criteria 203
Classification Examples 204
Cascading Security Contexts 206
System Administrator Access 207
Context Administrator Access 208
Resource Limits 208
Default Class 209
Class Members 210
Default MAC Address 211
Failover MAC Addresses 212
MAC Address Format 212
Configuring Multiple Contexts 214
Restoring Single Context Mode 216
Managing Security Contexts 223
Removing a Security Context 224
Changing the Admin Context 224
Reloading a Security Context 226
Monitoring Security Contexts 227
Table 5-2 show context Fields 228
Viewing Resource Allocation 229
Viewing Resource Usage 232
(ASA 5510 and Higher) 243
Auto-MDI/MDIX Feature 244
Management Interface 244
Redundant Interfaces 246
EtherChannels 247
Load Balancing 249
EtherChannel MAC Address 249
Failover Guidelines 252
EtherChannel Guidelines 252
Default Connector Type 254
Default MAC Addresses 254
Detailed Steps (Single Mode) 255
CustomerA Context 261
CustomerB Context 262
Configuring an EtherChannel 269
Customizing the EtherChannel 271
Monitoring Interfaces 275
VLAN MAC Addresses 282
Power over Ethernet 282
Monitoring Traffic Using SPAN 282
Configuring VLAN Interfaces 284
Trunk Port Example 290
(Routed Mode) 293
Dual IP Stack (IPv4 and IPv6) 294
Information About the MTU 301
Configuring IPv6 Addressing 303
Information About IPv6 304
Modified EUI-64 Interface IDs 305
(Transparent Mode) 311
Security Levels 312
Configuring Bridge Groups 317
Unsupported Commands 326
Configuring Basic Settings 333
Changing the Enable Password 336
Setting the Hostname 336
Setting the Date and Time 337
Configuring the DNS Server 345
Monitoring DNS Cache 346
Feature History for DNS Cache 346
Configuring DHCP 347
Configuring a DHCP Server 348
Enabling the DHCP Server 349
Configuring DHCP Options 350
DHCP Monitoring Commands 354
Feature History for DHCP 354
Configuring Dynamic DNS 355
Configuring DDNS 356
DDNS Monitoring Commands 360
Feature History for DDNS 360
Configuring Objects 363
Information About Objects 364
Configuring a Service Object 366
Configuring Object Groups 368
Adding a Network Object Group 369
Adding a Service Object Group 370
Nesting Object Groups 372
Monitoring Objects and Groups 373
Creating a Regular Expression 374
Context Mode Guidelines 378
Access List Types 383
Access Control Entry Order 384
Access Control Implicit Deny 385
Where to Go Next 386
Adding EtherType Access Lists 397
Adding a Standard Access List 401
Adding Standard Access Lists 403
Monitoring Access Lists 404
Adding a Webtype Access List 407
Using Webtype Access Lists 408
Adding an IPv6 Access List 417
Configuring IPv6 Access Lists 420
Adding IPv6 Access Lists 421
Monitoring IPv6 Access Lists 423
Managing Deny Flows 429
Monitoring Deny Flows 431
Managing Deny Flows 432
Configuring IP Routing 433
Routing Overview 435
Switching 436
Path Determination 436
Supported Route Types 436
Static Versus Dynamic 437
Single-Path Versus Multipath 437
Flat Versus Hierarchical 437
Next Hop Selection Process 438
Displaying the Routing Table 440
Backup Routes 442
Dynamic Routing and Failover 443
Features That Support IPv6 443
IPv6-Enabled Commands 444
Disabling Proxy ARPs 445
Disabling Proxy ARPs 446
Configuring a Static Route 449
Defining Route Maps 457
Permit and Deny Clauses 458
Match and Set Clause Values 458
Defining a Route Map 460
Customizing a Route Map 460
Configuring OSPF 463
Customizing OSPF 466
Configuring OSPF NSSA 473
Restarting the OSPF Process 476
Monitoring OSPF 478
Feature History for OSPF 479
Feature History for OSPF 480
Configuring RIP 481
Routing Update Process 482
RIP Routing Metric 482
RIP Stability Features 482
RIP Timers 482
Customizing RIP 484
Configuring the RIP Version 485
Filtering Networks in RIP 488
Enabling RIP Authentication 489
Restarting the RIP Process 490
Monitoring RIP 491
Configuration Example for RIP 491
Feature History for RIP 491
Feature History for RIP 492
Configuring Multicast Routing 493
Stub Multicast Routing 494
PIM Multicast Routing 494
Multicast Group Concept 494
Enabling Multicast Routing 495
Customizing Multicast Routing 496
Configuring IGMP Features 497
Configuring PIM Features 501
Filtering PIM Neighbors 504
Configuring EIGRP 509
Customizing EIGRP 512
Defining an EIGRP Neighbor 518
Filtering Networks in EIGRP 520
Disabling EIGRP Split Horizon 524
Monitoring EIGRP 525
Feature History for EIGRP 527
Feature History for EIGRP 528
Neighbor Reachable Time 541
Router Advertisement Messages 541
Configuring DAD Settings 547
Configuring the IPv6 Prefix 549
Information About NAT 555
NAT Terminology 556
NAT Types 557
NAT Types 558
Dynamic NAT 562
Information About Dynamic NAT 563
Dynamic PAT 564
Identity NAT 565
209.165.201.1 209.165.201.1 566
Inside Outside 566
209.165.201.2 209.165.201.2 566
NAT in Routed Mode 567
NAT in Transparent Mode 567
NAT for VPN 568
NAT for VPN 569
How NAT is Implemented 570
Information About Twice NAT 571
How NAT is Implemented 572
NAT Rule Order 574
NAT Interfaces 575
Routing NAT Packets 575
Mapped Addresses and Routing 576
Too late 577
DNS and NAT 578
DNS and NAT 579
Configuring Dynamic NAT 586
Configuring Identity NAT 594
Monitoring Network Object NAT 596
(Static NAT) 598
One-to-Many) 599
Configuring Twice NAT 607
Prerequisites for Twice NAT 608
Configuring Twice NAT 619
Monitoring Twice NAT 630
Feature History for Twice NAT 634
Modular Policy Framework 637
Policy Framework 639
Feature Directionality 640
Default Class Maps 646
port_num port_num} 651
Configuring Access Control 669
Configuring Access Rules 671
Implicit Permits 672
Implicit Deny 673
Inbound and Outbound Rules 673
Management Access Rules 675
Allowing MPLS 676
Monitoring Access Rules 678
Information About AAA 681
Information About AAA 682
Information About Accounting 683
Summary of Server Support 683
RADIUS Server Support 684
TACACS+ Server Support 685
RSA/SDI Server Support 685
NT Server Support 686
Kerberos Server Support 686
LDAP Server Support 686
LDAP Server Types 687
Using User Login Credentials 689
Using Certificates 689
Configuring AAA 690
Task Flow for Configuring AAA 691
Managing User Passwords 705
Changing User Passwords 707
Using Local Authentication 708
Using RADIUS Authentication 709
Using LDAP Authentication 709
Monitoring AAA Servers 710
Flexibility 715
Deployment Scenarios 716
Redundant 717
Inside Enterprise 719
AD Servers 719
AD Agent 719
WAN / LAN 719
Prerequisite 722
Task Flow in the ASA 722
Configuring Identity Options 726
Example 2 736
• Monitoring Groups, page 26 737
Monitoring AD Agents 738
Monitoring Groups 738
Configuring Management Access 741
Configuring Telnet Access 743
Using a Telnet Client 744
Configuring SSH Access 744
Using an SSH Client 745
Configuring CLI Parameters 746
Configuring a Login Banner 747
Customizing a CLI Prompt 748
Changing the Console Timeout 749
Configuring ICMP Access 750
Additional Guidelines 753
Command) 759
Recovering from a Lockout 771
AAA Performance 775
ASA Authentication Prompts 777
Static PAT and HTTP 778
Feature History for AAA Rules 795
Configuring ActiveX Filtering 798
Caching Server Addresses 807
Filtering HTTP URLs 807
Enabling HTTP Filtering 808
Filtering HTTPS URLs 809
Filtering FTP Requests 810
Information About WCCP 815
Enabling WCCP Redirection 817
WCCP Monitoring Commands 818
Feature History for WCCP 818
Public Key Cryptography 820
Certificate Scalability 820
Key Pairs 820
Trustpoints 821
Revocation Checking 822
The Local CA 824
Configuring Key Pairs 827
Removing Key Pairs 828
Configuring Trustpoints 828
Enabling the Local CA Server 840
Debugging the Local CA Server 844
Disabling the Local CA Server 844
Deleting the Local CA Server 844
Configuring the Issuer Name 846
Configuring the CRL Lifetime 848
Downloading CRLs 851
Storing CRLs 852
Adding and Enrolling Users 854
Renewing Users 856
Restoring Users 857
Removing Users 857
Revoking Certificates 858
Table 42-2 Protocol Keywords 873
Protocols 877
How DNS Rewrite Works 878
Configuring DNS Rewrite 879
DNS Inspection 881
FTP Inspection 887
FTP Inspection 888
HTTP Inspection 892
ICMP Inspection 896
ICMP Error Inspection 897
Instant Messaging Inspection 897
IP Options Inspection 900
IPsec Pass Through Inspection 902
IPv6 Inspection 903
NetBIOS Inspection 904
PPTP Inspection 906
TFTP Inspection 910
H.323 Inspection 913
H.323 Inspection Overview 914
How H.323 Works 914
Monitoring H.225 Sessions 919
Monitoring H.245 Sessions 920
Monitoring H.323 RAS Sessions 920
MGCP Inspection 921
MGCP Inspection 922
RTSP Inspection 925
Using RealPlayer 926
Restrictions and Limitations 926
SIP Inspection 929
SIP Inspection 930
Skinny (SCCP) Inspection 935
Supporting Cisco IP Phones 936
Skinny (SCCP) Inspection 940
Directory Protocols 941
SQL*Net Inspection 942
Sun RPC Inspection 943
Managing Sun RPC Services 944
Sun RPC Inspection 946
Application Protocols 947
GTP Inspection 949
GTP Inspection 950
RADIUS Accounting Inspection 955
RSH Inspection 957
SNMP Inspection 957
XDMCP Inspection 958
XDMCP Inspection 959
Communications Proxy Features 975
Phone Proxy Functionality 983
Cisco Unified IP Phones 985
DNS Lookup Prerequisites 989
Access List Rules 989
NAT and PAT Prerequisites 990
End-User Phone Provisioning 994
Configuring the Phone Proxy 996
Configuring the Phone Proxy 999
Creating the CTL File 1000
Prerequisites 1001
What to Do Next 1001
Using an Existing CTL File 1002
What To Do Next 1004
Configuring Your Router 1009
Note Using the show logging 1013
IP Phone Registration Failure 1014
SSL Handshake Failure 1021
Certificate Validation Errors 1022
Audio Problems with IP Phones 1023
Saving SAST Keys 1023
Publisher 1025
Different Servers 1028
Server on Different Servers 1030
Example 6: VLAN Transversal 1033
LS Proxy for Encrypted Voice 1037
Inspection 1037
Figure 49-1 TLS Proxy Flow 1038
CTL Client Overview 1039
Licensing for the TLS Proxy 1041
Creating an Internal CA 1046
Monitoring the TLS Proxy 1051
OML HTTP etc 1056
Mobile Data 1057
Network (GPRS 1057
Data Channel) 1057
Advantage Proxy Only 1058
Mobility Advantage 1065
Proxy Only 1066
Enterprise Y Firewall omitted 1071
Director 1072
XMPP Federation Deployments 1073
Federation 1077
Installing Certificates 1078
Tickets and Passwords 1091
UC-IME server passes 1092
Call Fallback to the PSTN 1093
Basic Deployment 1094
Off Path Deployment 1095
Only UC-IME calls pass 1096
Guidelines and Limitations 1097
Guidelines and Limitations 1098
Guidelines 1105
Procedure 1105
Creating the TLS Proxy 1112
192.168.10.30 1118
Outside Cisco UCM address 1118
209.165.200.228 1118
ASA inside interface 1118
192.168.10.1 1118
Compatibility 1130
TCP Sequence Randomization 1131
TCP Normalization 1131
TCP State Bypass 1131
Default Settings 1133
Table 53-1 tcp-map Commands 1135
Example: 1140
Monitoring TCP State Bypass 1142
Configuring QoS 1145
Supported QoS Features 1146
What is a Token Bucket? 1146
Information About Policing 1147
How QoS Features Interact 1148
Restrictions 1151
Configuring the Service Rule 1157
Monitoring QoS 1159
Feature History for QoS 1162
Database Files 1167
Database Traffic Types 1167
Enabling DNS Snooping 1174
Recommended Configuration 1177
Other Configuration Examples 1184
Where to Go Next 1185
Configuring Threat Detection 1187
Using Protection Tools 1207
Configuring the Fragment Size 1208
Blocking Unwanted Connections 1208
Configuring IP Audit 1209
IP Audit Signature List 1210
that is 1212
Configuring Modules 1219
Operating Modes 1222
Cisco ASA SSC-05 1228
Monitoring the ASA IPS module 1240
Resetting the Password 1243
Shutting Down the Module 1244
Configuring the ASA CX Module 1247
Initial Configuration 1249
Monitoring the ASA CX Module 1258
Showing Module Statistics 1259
Monitoring Module Connections 1260
Capturing Module Traffic 1263
General Recovery Procedures 1263
Debugging the Module 1265
Information About the CSC SSM 1269
Prerequisites for the CSC SSM 1273
Configuring the CSC SSM 1275
Connecting to the CSC SSM 1276
Configuring the CSC SSM 1277
Monitoring the CSC SSM 1281
Additional References 1286
Configuring High Availability 1287
Failover System Requirements 1290
Failover Link 1291
Stateful Failover Link 1292
Scenario 1—Not Recommended 1294
Scenario 2—Recommended 1294
Scenario 3—Recommended 1295
Scenario 4—Recommended 1295
Stateless (Regular) Failover 1297
Stateful Failover 1298
Auto Update Process Overview 1300
Failover Health Monitoring 1302
Interface Monitoring 1303
Failover Times 1304
Failover Messages 1304
Failover Messages 1305
Command Replication 1309
Failover Triggers 1310
Failover Actions 1310
Table 62-2 Failover Behavior 1311
Firewall Mode Guidelines 1313
IPv6 Guidelines 1313
Model Guidelines 1313
Configuring the Primary Unit 1314
Configuring Failover Criteria 1320
Controlling Failover 1322
Disabling Failover 1323
Restoring a Failed Unit 1323
Figure 63-1 ASR Example 1343
Remote Command Execution 1345
Changing Command Modes 1346
Configuring VPN 1351
Configuring IPsec and ISAKMP 1353
IPsec Overview 1354
ISAKMP and IKE Overview 1354
Remote Access IPsec VPNs 1355
Configuring ISAKMP 1360
Configuring ISAKMP 1362
Enabling IPsec over NAT-T 1366
Using NAT-T 1367
Configuring IPsec 1371
Defining Crypto Maps 1372
Configuring IPsec 1373
Crypto Map 1 1376
Crypto Map 2 1376
Using Interface Access Lists 1378
Changing IPsec SA Lifetimes 1381
Using Dynamic Crypto Maps 1383
Configuring L2TP over IPsec 1391
Tunnel mode 1392
Transport mode 1392
Understanding Load Balancing 1414
Implementing Load Balancing 1415
Eligible Platforms 1416
Eligible Clients 1416
VPN Load-Balancing Algorithm 1416
Configuring Load Balancing 1419
IP Address Pool Exhaustion 1422
Unique IP Address Pools 1422
Viewing Load Balancing 1423
• Group Policies, page 67-36 1427
Connection Profiles 1428
Connection Profiles 1429
Maximum Connection Profiles 1432
Applying Customization 1450
AnyConnect Client 1460
Group Policies 1462
Default Group Policy 1463
Configuring Group Policies 1465
Configuring DHCP Intercept 1478
Configuring an Idle Timeout 1480
Configuring IP Phone Bypass 1480
Configuring LEAP Bypass 1481
Configuring Address Pools 1488
Configuring Firewall Policies 1489
Cisco Integrated Firewall 1492
Cisco Security Agent 1492
No Firewall 1492
Custom Firewall 1493
Zone Labs Firewalls 1493
Sygate Personal Firewalls 1493
Specifying a “Deny” Message 1497
Specifying the User Home Page 1499
Configuring Auto-Signon 1499
Applying a URL List 1500
Specifying HTTP Compression 1502
Specifying the SSO Server 1503
Configuring User Attributes 1505
Configuring Inheritance 1507
Configuring Access Hours 1507
Configuring the Idle Timeout 1508
Applying an ACL Filter 1508
Configuring AAA Addressing 1520
Configuring DHCP Addressing 1521
Configuring an Address Pool 1533
Adding a User 1534
Defining a Tunnel Group 1535
Creating a Dynamic Crypto Map 1536
Licensing Requirements 1542
Licensing Requirements 1543
Prerequisites for NAC 1544
Configuring a NAC Policy 1548
Specifying the Mode 1561
Configuring IPsec Over TCP 1562
Comparing Tunneling Options 1563
Specifying the Tunnel Group 1565
Specifying the Trustpoint 1565
Configuring Split Tunneling 1566
Configuring Remote Management 1567
• Authentication Options 1568
EasyVPN Hardware Client 1568
Authentication Options 1570
Configuring the PPPoE Client 1571
Enabling PPPoE 1573
Clearing the Configuration 1575
Using Related Commands 1575
Using Related Commands 1576
Summary of the Configuration 1577
Configuring Interfaces 1578
Outside Interface 1579
Creating an IKEv2 Proposal 1582
Configuring an ACL 1583
Step 2 Save your changes 1586
Managing Passwords 1598
Gathering HTTP Form Data 1610
Configuring SSO for Plug-ins 1614
Encoding 1615
Encoding 1616
Accessing Resources 1617
Using an LDAP Server 1618
Understanding How KCD Works 1628
Authentication Flow with KCD 1629
Before Configuring KCD 1630
Configuring KCD 1631
About Smart Tunnels 1635
Why Smart Tunnels? 1635
Assigning a Smart Tunnel List 1641
Requirements 1648
Logging Off Smart Tunnel 1649
Configuring Port Forwarding 1650
Automating Port Forwarding 1656
Application Access User Notes 1657
Understanding the hosts File 1658
Configuring File Access 1660
Configuring E-mail Proxies 1665
Configuring Caching 1667
Disabling Content Rewrite 1669
Using Proxy Bypass 1669
APCF Syntax 1671
Viewing the Floating Toolbar 1675
Modifying Your HTML File 1687
Customizing Help 1692
Communicating Security Tips 1695
Features 1696
Browsing the Web 1697
Using Port Forwarding 1698
Using E-mail Via Web Access 1700
Using E-mail Via E-mail Proxy 1700
Using Smart Tunnel 1700
Creating Translation Tables 1702
Capturing Data 1707
Capturing Data 1710
Configuring DTLS 1718
Prompting Remote Users 1718
Profile Editor in ASDM 1720
Standalone Profile Editor 1720
Enabling Start Before Logon 1721
Enabling Rekey 1724
Enabling Keepalive 1726
Using Compression 1726
Adjusting MTU Size 1727
Configuring Session Timeouts 1727
Enabling IPv6 VPN Access 1728
Dependencies 1733
Host Scan Packaging 1734
Uninstalling Host Scan 1737
Call Home 1741
Configuring Logging 1743
Analyzing Syslog Messages 1744
Syslog Message Format 1745
Severity Levels 1745
Filtering Syslog Messages 1746
Using Custom Message Lists 1746
Prerequisites for Logging 1747
Configuring Logging 1749
Creating a Custom Event List 1755
Configuring the Logging Queue 1757
Enabling Secure Logging 1758
Disabling a Syslog Message 1760
Monitoring the Logs 1761
Feature History for Logging 1762
Feature History for Logging 1763
Information About NSEL 1765
Information About NSEL 1766
Prerequisites for NSEL 1767
Configuring NSEL 1768
Configuring NSEL Collectors 1769
Delaying Flow-Create Events 1773
Monitoring NSEL 1774
Feature History for NSEL 1778
Feature History for NSEL 1779
Configuring SNMP 1781
Table 79-1 SNMP Terminology 1782
SNMP Object Identifiers 1783
Information About SNMP 1784
Supported Tables in MIBs 1791
Note Not supported on the 1793
SNMP Version 3 1795
Security Models 1796
SNMP Groups 1796
SNMP Users 1796
SNMP Hosts 1796
Prerequisites for SNMP 1797
Configuring SNMP Traps 1800
Using SNMP Version 1 or 2c 1802
Using SNMP Version 3 1803
Troubleshooting Tips 1804
Interface Types and Examples 1805
Monitoring SNMP 1806
SNMP Syslog Messaging 1807
SNMP Monitoring 1807
Feature History for SNMP 1811
Feature History for SNMP 1812
Smart Call Home 1813
What is Sent to Cisco? 1814
DNS Requirement 1815
Configuring Smart Call Home 1819
Configuring DNS 1820
Subscribing to Alert Groups 1821
Configuring the Mail Server 1827
Monitoring Smart Call Home 1831
System Administration 1833
Viewing Files in Flash Memory 1835
Configuration 1842
Running the Script 1844
Sample Script 1845
• asa5505: Cisco 5505 ASA 1852
Downgrading Your Software 1853
Performing the Downgrade 1854
Downgrading Your Software 1855
Troubleshooting 1857
Pinging ASA Interfaces 1859
Security 1860
Appliance 1860
Reloading the ASA 1864
Performing Password Recovery 1864
Disabling Password Recovery 1866
Erasing the Flash File System 1868
Other Troubleshooting Tools 1869
Common Problems 1870
Common Problems 1871
Reference 1873
APPENDIX 1875
Command Modes and Prompts 1876
Syntax Formatting 1877
Abbreviating Commands 1877
Command-Line Editing 1877
Command Completion 1878
Command Help 1878
Filtering show Command Output 1878
Command Output Paging 1879
Adding Comments 1879
Text Configuration Files 1879
Automatic Text Entries 1881
Line Order 1881
Passwords 1881
Supported Character Sets 1882
Private Networks 1884
Subnet Masks 1884
Determining the Subnet Mask 1885
Class B-Size Network Address 1886
IPv6 Addresses 1887
IPv6 Address Types 1888
Global Address 1889
Site-Local Address 1889
Link-Local Address 1889
Multicast Address 1890
Anycast Address 1891
IPv6 Address Prefixes 1892
Protocols and Applications 1893
TCP and UDP Ports 1893
Table B-7 Port Literal Values 1894
TCP and UDP Ports 1895
Local Ports and Protocols 1896
ICMP Types 1897
ICMP Types 1898
Attributes 1899
Searching the LDAP Hierarchy 1901
Cisco AV Pairs ACL Examples 1912
Figure C-4 Banner Displayed 1916
Step 1 Right-click the user 1916
Step 2 Click the General tab 1923
• group policy name 1927
• OU=group policy name 1927
• OU=group policy name; 1927
Engineering, Sales 1933
Attribute Description 1937
Numerics 1939
Glossary 1940

Comments to this Manuals

No comments

Cisco ASA 5505 User Manual Page 70

Comments to this Manuals