The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The ASDM Startup Wizard guides you through the initial configuration of the ASA, and helps you define basic settings.
To access this feature in the main ASDM application window, choose one of the following:
The following table shows the licensing requirements for this feature:
|
|
---|---|
This section includes the guidelines and limitations for this feature.
Supported in single mode and within a context in multiple context mode. This wizard is not supported in the System.
The actual sequence of screens is determined by your specified configuration selections. Each screen is available for all modes or models unless otherwise noted. This section includes the following topics:
– To configure the IP address and subnet mask of the Management 0/0 (ASA 5512-X and higher) or VLAN 1 (ASA 5505) interface to be different from the default value (192.168.1.1), check the Configure the IP address of the management interface check box.
Note If you reset the configuration to factory defaults, you cannot undo these changes by clicking Cancel or by closing this screen.
In multiple context mode, this screen does not contain any parameters.
The interface screens depend on the mode and model. This section includes the following topics:
This screen lets you group the eight, Fast Ethernet switch ports on the ASA 5505 into three VLANs. These VLANs function as separate, Layer 3 networks. You can then choose or create the VLANs that define your network—one for each interface: Outside, Inside, or DMZ (DMZ is available in routed mode only). A DMZ is a separate network located in the neutral zone between a private (inside) network and a public (outside) network.
See Configuring VLAN Interfaces for more information.
This screen lets you allocate switch ports to Outside, Inside, or DMZ interfaces (DMZ is only available in routed mode). By default, all switch ports are assigned to VLAN 1 (Inside).
See Configuring VLAN Interfaces for more information.
Configure the IP address of each VLAN interface. See Configuring General Interface Parameters for more information..
Configure the PPoE settings for each interface. See PPPoE IP Address and Route Settings for more information.
Configure the PPoE settings for the outside interface. See PPPoE IP Address and Route Settings for more information.
For IPv4, a management IP address is required for each bridge group for both management traffic and for traffic to pass through the ASA. This screen sets the IP address for BVI 1.
See Configuring Bridge Groups for more information.
Configure static routes. See “Static and Default Routes,” for more information.
Note For the ASA 5505, to access this screen, you must have checked the Configure the device for Teleworker usage check box in Basic Configuration.
The ASA can act as an Easy VPN remote device to enable deployment of VPNs to remote locations. See the VPN configuration guide.
Note To access this screen, you must have checked the Configure the device for Teleworker usage check box in Basic Configuration and unchecked the Enable Auto Update check box in Auto Update Server (Single Mode).
Configure the DHCP server. See Configuring the DHCP Server for more information.
Configures NAT or PAT for inside addresses (the interface with the highest security level) when accessing the outside (the interface with the lowest security level). See the firewall configuration guide for more information.
In single context mode, you can use the Startup Wizard in ASDM to configure basic IPS network configuration. These settings are saved to the IPS configuration, not the ASA configuration. See the firewall configuration guide.
You can use the Startup Wizard in ASDM to configure the ASA CX management address and Auth Proxy Port. These settings are saved to the ASA CX configuration, not the ASA configuration. Note : You will also need to set additional network settings at the ASA CX CLI. See the firewall configuration guide for information about this screen.
You can use the Startup Wizard in ASDM to configure the ASA FirePOWER management address information and accept the end user license agreement (EULA). These settings are saved to the ASA FirePOWER configuration, not the ASA configuration. You will also need to configure some settings in the ASA FirePOWER CLI. For more information, see the chapter on the ASA FirePOWER module in the firewall configuration guide.
Configure the clock parameters. See Setting the Date and Time for more information.
– Enter your Cisco.com username and password, and then confirm the password.
– Enter the start time in hh:mm:ss format, using a 24-hour clock.
Note For the ASA 5505, to access this screen, you must have checked the Configure the device for Teleworker usage check box in Basic Configuration.
This screen summarizes all of the configuration settings that you have made for the ASA.
– If you ran the Startup Wizard directly from a browser, when you click Finish, the configuration settings that you created through the wizard are sent to the ASA and saved in flash memory automatically.
– If you ran the Startup Wizard from within ASDM, you must explicitly save the configuration in flash memory by choosing File > Save Running Configuration to Flash.
Table 8-1 lists each feature change and the platform release in which it was implemented. ASDM is backwards-compatible with multiple platform releases, so the specific ASDM release in which support was added is not listed.