The simplest configuration is for the ASA to use DHCP to obtain an IP address from your ISP, as well as for the ASA to function as a DHCP server to your internal network and to use PAT. The ASDM Startup Wizard will ask you a few questions and configure your ASA 5505.
Note that you must install Java to run the ASDM. Open your browser and enter to get access to the Cisco Adaptive Security Device Manager ( ASDM) and run the ASDM Startup Wizard. Connect port 0 to your Internet connection, connect your LAN devices to ports 1 through 7, and connect the power to get started. Ports 6 and 7 provide Power over Ethernet (PoE). Of the network ports, port 0 is configured by default to connect to the Internet, and ports 1 through 7 are configured as LAN ports. The front of the ASA 5505 has a USB port for future expansion, and the back of the device has a card slot for expansion cards, eight Fast Ethernet (100Mbps) network ports, a console port, and a power connection. (To keep costs down, Cisco standardized its chassis design.) Figure 1 shows the Cisco ASA 5505. When you unpack the ASA 5505, the chassis might look familiar and remind you of other Cisco products that are tailored to small businesses.
The ASA 5505 comes with two network cables, a console port cable that connects to a serial port on a PC, and a power supply. All the ASA 5505’s features and licensing options can make your head spin.
You can also purchase upgrade licenses later if you require them. The ASA 5505 can be purchased with licenses for 50 users, an unlimited number of users, more VPN peers, failover support, Virtual LANs (VLANs), and a true demilitarized zone (DMZ) LAN segment, among other features. This configuration will cost you less than $400 and is sufficient for most small networks. A basic-level license supports 10 simultaneous users on the LAN, 10 IPsec VPN connections, and 2 SSL VPN connections. As in many Cisco products, the ASA 5505’s advanced features need licenses to unlock them for use. The Cisco ASA 5505 is the entry-level product in the family, but it’s packed with enterprise-class features that can be used as organizations grow or their needs change. For these reasons, I recommend that you look at the range of Adaptive Security Appliances (ASAs) from Cisco, which are the successors to the PIX family, and are excellent firewalls. Although some broadband routers have rudimentary firewalls, they’re often insufficient or they lack the enterprise-class features that branch offices require. Unfortunately, these devices-especially those provided by the broadband provider-aren’t true firewalls and rely on Port Address Translation (PAT) or Network Address Translation (NAT) to protect connected computers. Many small businesses, as well as organizations with branch offices, rely on broadband routers to act as firewalls to protect their networks.