Cisco ASA Firewall
Essentially, Cisco ASA Firewall evolved from Cisco first physical appliance called the Cisco PIX Firewall which had limited VPN capabilities. Also, these firewalls had the ability to provide Remote Access VPN capabilities using basic IPSec and PPTP type VPNs.
Later, as Web-based VPNs (SSL VPNs) were becoming more popular, Cisco acquired a company called Altiga which was known for its Web VPN capabilities. The Web VPN capability along with the Firewall feature of the PIX were ported into a new device called the ASA Firewall. Moreover, Cisco ASA firewall can operate as a L3 router by default and all routing functionalities that a normal router would have. It also can run RIP, EIGRP, OSPF and BGP routing protocols.
The difference between a regular router and a ASA firewall is that the router forwards all traffic by default whereas the ASA will allow traffic based on certain policies.
Cisco ASA Firewall Initial Configuration
To initialize an ASA interface, you need the following parameters first:
- Nameif: this mandatory parameter defines the name of the interface and is not case-sensitive. Although, it does preserve the case. Note that all commands reference the interface using the Name not the Physical ID.
- Security Level: it is a number between 0-100 and controls the default traffic flow thru the firewall. When you configured a blank interface with a Name, it sets the security kevel automatically to 0 except if the name of the interface is Inside which is 100.
- IP Address: it could be configured same as the Cisco routers and you do not have the ability to skip the mask if the IP address is using the default class mask.
0
