Quick Start Guide
Page 1
Quick Start Guide Cisco PIX 515E Firewall 1 Check Items Included 2 Install the PIX 515E 3 Configure the PIX 515E 4 Example Configurations 5 Optional Maintenance and Upgrade Procedures
Quick Start Guide Cisco PIX 515E Firewall 1 Check Items Included 2 Install the PIX 515E 3 Configure the PIX 515E 4 Example Configurations 5 Optional Maintenance and Upgrade Procedures
Quick Start Guide
Page 4
...the other yellow Ethernet cable (72-1482-01) provided to connect the inside 10/100 Ethernet interface, Ethernet 1, to the Cisco PIX Firewall Hardware Installation Guide. 4 Step 2 Step 3 Step 4 Step 5 Use the yellow Ethernet cable (72-1482-01) provided to connect the...Ethernet interface, Ethernet 0, to the Cisco PIX Firewall Hardware Installation Guide. Power up the PIX 515E. For rack-mounting and failover instructions, refer to a DSL modem, cable modem, or switch. 2 Install the PIX 515E DMZ server Switch DMZ PIX 515E Switch Inside Outside Laptop computer Printer Personal...
...the other yellow Ethernet cable (72-1482-01) provided to connect the inside 10/100 Ethernet interface, Ethernet 1, to the Cisco PIX Firewall Hardware Installation Guide. 4 Step 2 Step 3 Step 4 Step 5 Use the yellow Ethernet cable (72-1482-01) provided to connect the...Ethernet interface, Ethernet 0, to the Cisco PIX Firewall Hardware Installation Guide. Power up the PIX 515E. For rack-mounting and failover instructions, refer to a DSL modem, cable modem, or switch. 2 Install the PIX 515E DMZ server Switch DMZ PIX 515E Switch Inside Outside Laptop computer Printer Personal...
Quick Start Guide
Page 5
... Ethernet cable. Configure your PC by selecting an address out of the PIX Firewall and the corresponding LINK LED on the PIX 515E. Refer to the Cisco PIX Firewall Command Reference. For more information about the icmp command, refer to the Cisco PIX Device Manager Installation Guide for more information on the Ethernet 1 interface of the 192.168...
... Ethernet cable. Configure your PC by selecting an address out of the PIX Firewall and the corresponding LINK LED on the PIX 515E. Refer to the Cisco PIX Firewall Command Reference. For more information about the icmp command, refer to the Cisco PIX Device Manager Installation Guide for more information on the Ethernet 1 interface of the 192.168...
Quick Start Guide
Page 21
...an example VPN tunnel between two PIX 515E, and will be referenced in five simple steps. At the first VPN Wizard page, do the following steps. Select the Site to configure PIX 1. b. Site A Site B 98000 Inside 10.10.10.0 PIX 1 Outside 1.1.1.1 Internet Outside 2.2.2.2 PIX 2 Inside 20.20.20.0... Wizard page. Note The Site to Site VPN option connects two IPSec security gateways, which can include PIX Firewalls, VPN concentrators, or other devices that can quickly guide you through the process of configuring a site-to-site VPN in the following : a. Select outside ...
...an example VPN tunnel between two PIX 515E, and will be referenced in five simple steps. At the first VPN Wizard page, do the following steps. Select the Site to configure PIX 1. b. Site A Site B 98000 Inside 10.10.10.0 PIX 1 Outside 1.1.1.1 Internet Outside 2.2.2.2 PIX 2 Inside 20.20.20.0... Wizard page. Note The Site to Site VPN option connects two IPSec security gateways, which can include PIX Firewalls, VPN concentrators, or other devices that can quickly guide you through the process of configuring a site-to-site VPN in the following : a. Select outside ...
Quick Start Guide
Page 29
.../pcgi-bin/Software/FormManager/formgenerator.pl Provide your PIX 515E within two hours (or less) on activation key examples or upgrading software, refer to the Cisco PIX Firewall and VPN Configuration Guide. 29 If you are a registered user of Cisco.com, go to the following links: http://www.cisco.com/warp/customer/471/pix_router_dyn.html http://www...
.../pcgi-bin/Software/FormManager/formgenerator.pl Provide your PIX 515E within two hours (or less) on activation key examples or upgrading software, refer to the Cisco PIX Firewall and VPN Configuration Guide. 29 If you are a registered user of Cisco.com, go to the following links: http://www.cisco.com/warp/customer/471/pix_router_dyn.html http://www...
Quick Start Guide
Page 33
If a four-port FE card is used with the restricted license, only one network interface is Ethernet 3. (Using more than one or two single-port Ethernet circuit boards installed in the auxiliary assembly on the ... that the top circuit board is Ethernet 2 and the bottom circuit board is activated.) Note If you have a second PIX 515E to the "Installing a Circuit Board in the PIX 515E" section in the Cisco PIX Firewall Hardware Installation Guide. 33 If you need to install an optional circuit board, refer to use as a failover unit, install the...
If a four-port FE card is used with the restricted license, only one network interface is Ethernet 3. (Using more than one or two single-port Ethernet circuit boards installed in the auxiliary assembly on the ... that the top circuit board is Ethernet 2 and the bottom circuit board is activated.) Note If you have a second PIX 515E to the "Installing a Circuit Board in the PIX 515E" section in the Cisco PIX Firewall Hardware Installation Guide. 33 If you need to install an optional circuit board, refer to use as a failover unit, install the...
Getting Started Guide
Page 1
Cisco PIX 515E Security Appliance Getting Started Guide Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Customer Order Number: DOC-7817654= Text Part Number: 78-17645-01
Cisco PIX 515E Security Appliance Getting Started Guide Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Customer Order Number: DOC-7817654= Text Part Number: 78-17645-01
Getting Started Guide
Page 2
... StackWise are the property of their respective owners. All other trademarks mentioned in the United States and certain other company. (0601R) Cisco PIX 515E Security Appliance Getting Started Guide © 2006 Cisco Systems, Inc. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part...
... StackWise are the property of their respective owners. All other trademarks mentioned in the United States and certain other company. (0601R) Cisco PIX 515E Security Appliance Getting Started Guide © 2006 Cisco Systems, Inc. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part...
Getting Started Guide
Page 3
1 C H A P T E R 2 C H A P T E R 78-17645-01 CONTENTS Installing and Setting Up the PIX 515E Security Appliance 1-1 Verifying the Package Contents 1-2 Installing the PIX 515E Security Appliance 1-3 Front and Back Panel Components 1-4 Setting Up the Security Appliance 1-5 About the Factory-Default Configuration 1-6 About the Adaptive Security Device Manager 1-6 Using the ... Configuring an External Identity for the DMZ Web Server 2-16 Providing Public HTTP Access to the DMZ Web Server 2-18 What to Do Next 2-24 PIX 515E Security Appliance Getting Started Guide iii
1 C H A P T E R 2 C H A P T E R 78-17645-01 CONTENTS Installing and Setting Up the PIX 515E Security Appliance 1-1 Verifying the Package Contents 1-2 Installing the PIX 515E Security Appliance 1-3 Front and Back Panel Components 1-4 Setting Up the Security Appliance 1-5 About the Factory-Default Configuration 1-6 About the Adaptive Security Device Manager 1-6 Using the ... Configuring an External Identity for the DMZ Web Server 2-16 Providing Public HTTP Access to the DMZ Web Server 2-18 What to Do Next 2-24 PIX 515E Security Appliance Getting Started Guide iii
Getting Started Guide
Page 4
... 3-1 Example IPsec Remote-Access VPN Network Topology 3-1 Implementing the IPsec Remote-Access VPN Scenario 3-2 Information to Have Available 3-3 Starting ASDM 3-3 Configuring the PIX 515E for an IPsec Remote-Access VPN 3-5 Selecting VPN Client Types 3-6 Specifying the VPN Tunnel Group Name and Authentication Method 3-7 Specifying a User Authentication Method ... About the Remote VPN Peer 4-6 Configuring the IKE Policy 4-7 Configuring IPsec Encryption and Authentication Parameters 4-9 Specifying Hosts and Networks 4-10 PIX 515E Security Appliance Getting Started Guide iv 78-17645-01
... 3-1 Example IPsec Remote-Access VPN Network Topology 3-1 Implementing the IPsec Remote-Access VPN Scenario 3-2 Information to Have Available 3-3 Starting ASDM 3-3 Configuring the PIX 515E for an IPsec Remote-Access VPN 3-5 Selecting VPN Client Types 3-6 Specifying the VPN Tunnel Group Name and Authentication Method 3-7 Specifying a User Authentication Method ... About the Remote VPN Peer 4-6 Configuring the IKE Policy 4-7 Configuring IPsec Encryption and Authentication Parameters 4-9 Specifying Hosts and Networks 4-10 PIX 515E Security Appliance Getting Started Guide iv 78-17645-01
Getting Started Guide
Page 5
Contents A A P P E N D I X Viewing VPN Attributes and Completing the Wizard 4-11 Configuring the Other Side of the VPN Connection 4-13 What to Do Next 4-13 Obtaining a DES License or a 3DES-AES License A-1 78-17645-01 PIX 515E Security Appliance Getting Started Guide v
Contents A A P P E N D I X Viewing VPN Attributes and Completing the Wizard 4-11 Configuring the Other Side of the VPN Connection 4-13 What to Do Next 4-13 Obtaining a DES License or a 3DES-AES License A-1 78-17645-01 PIX 515E Security Appliance Getting Started Guide v
Getting Started Guide
Page 6
Contents PIX 515E Security Appliance Getting Started Guide vi 78-17645-01
Contents PIX 515E Security Appliance Getting Started Guide vi 78-17645-01
Getting Started Guide
Page 7
CH A P T E R 1 Installing and Setting Up the PIX 515E Security Appliance This chapter describes how to Do Next, page 1-9 78-17645-01 PIX 515E Security Appliance Getting Started Guide 1-1 This chapter includes the following sections: • Verifying the Package Contents, page 1-2 • Installing the PIX 515E Security Appliance, page 1-3 • Front and Back Panel Components, page 1-4 • Setting Up the Security Appliance, page 1-5 • What to install and perform the initial configuration of the security appliance.
CH A P T E R 1 Installing and Setting Up the PIX 515E Security Appliance This chapter describes how to Do Next, page 1-9 78-17645-01 PIX 515E Security Appliance Getting Started Guide 1-1 This chapter includes the following sections: • Verifying the Package Contents, page 1-2 • Installing the PIX 515E Security Appliance, page 1-3 • Front and Back Panel Components, page 1-4 • Setting Up the Security Appliance, page 1-5 • What to install and perform the initial configuration of the security appliance.
Getting Started Guide
Page 8
...all items necessary to install your PIX 515E security appliance. Verifying the Package Contents Chapter 1 Installing and Setting Up the PIX 515E Security Appliance Verifying the Package Contents Verify the contents of PIX 515E Package PC terminal adapter (74-0495-01) PIX-515E DO NOT INSTALL INTERFACE CARDS WITH... 4 spacers (69-0123-01) (69-0124-01) (69-0125-01) SPercoudruitcyCtiAsCpcDopliPaInXce CGoumSidapefleiatyncaend GeGttuinPidgIeXSt5SaE1or5ntfetdEwdUarseerWLaicrreannstey and 97955 Rubber feet Documentation PIX 515E Security Appliance Getting Started Guide 1-2 78-17645-01
...all items necessary to install your PIX 515E security appliance. Verifying the Package Contents Chapter 1 Installing and Setting Up the PIX 515E Security Appliance Verifying the Package Contents Verify the contents of PIX 515E Package PC terminal adapter (74-0495-01) PIX-515E DO NOT INSTALL INTERFACE CARDS WITH... 4 spacers (69-0123-01) (69-0124-01) (69-0125-01) SPercoudruitcyCtiAsCpcDopliPaInXce CGoumSidapefleiatyncaend GeGttuinPidgIeXSt5SaE1or5ntfetdEwdUarseerWLaicrreannstey and 97955 Rubber feet Documentation PIX 515E Security Appliance Getting Started Guide 1-2 78-17645-01
Getting Started Guide
Page 9
..., router, or switch. Connect one of the chassis. Chapter 1 Installing and Setting Up the PIX 515E Security Appliance Installing the PIX 515E Security Appliance Installing the PIX 515E Security Appliance This section describes how to the chassis with the supplied screws. Use the other end... equipment rack. Attach the chassis to a power outlet. 78-17645-01 PIX 515E Security Appliance Getting Started Guide 1-3 Figure 1-2 Sample Network Layout DMZ server Switch DMZ PIX 515E Switch Inside Outside Laptop computer Printer Personal computer Router Internet Power cable 97998 To...
..., router, or switch. Connect one of the chassis. Chapter 1 Installing and Setting Up the PIX 515E Security Appliance Installing the PIX 515E Security Appliance Installing the PIX 515E Security Appliance This section describes how to the chassis with the supplied screws. Use the other end... equipment rack. Attach the chassis to a power outlet. 78-17645-01 PIX 515E Security Appliance Getting Started Guide 1-3 Figure 1-2 Sample Network Layout DMZ server Switch DMZ PIX 515E Switch Inside Outside Laptop computer Printer Personal computer Router Internet Power cable 97998 To...
Getting Started Guide
Page 10
Figure 1-4 illustrates the back panel components. PIX 515E Security Appliance Getting Started Guide 1-4 78-17645-01 Front and Back Panel Components Figure 1-3 illustrates the LEDs on when the unit is located at least one network interface is in ... Color Green Green NETWORK Green State Description On On when the unit has power. Front and Back Panel Components Chapter 1 Installing and Setting Up the PIX 515E Security Appliance Step 5 Power up the...
Figure 1-4 illustrates the back panel components. PIX 515E Security Appliance Getting Started Guide 1-4 78-17645-01 Front and Back Panel Components Figure 1-3 illustrates the LEDs on when the unit is located at least one network interface is in ... Color Green Green NETWORK Green State Description On On when the unit has power. Front and Back Panel Components Chapter 1 Installing and Setting Up the PIX 515E Security Appliance Step 5 Power up the...
Getting Started Guide
Page 11
... About the Factory-Default Configuration, page 1-6 • About the Adaptive Security Device Manager, page 1-6 • Using the Startup Wizard, page 1-7 78-17645-01 PIX 515E Security Appliance Getting Started Guide 1-5 Note To use ASDM, you must have a DES license or a 3DES-AES license. For more information, see Appendix A, "Obtaining a DES License or a.... You can perform the configuration steps using ASDM. However, the procedures in this chapter refer to the method using either the browser-based Cisco Adaptive Security Device Manager (ASDM) or the command-line interface (CLI).
... About the Factory-Default Configuration, page 1-6 • About the Adaptive Security Device Manager, page 1-6 • Using the Startup Wizard, page 1-7 78-17645-01 PIX 515E Security Appliance Getting Started Guide 1-5 Note To use ASDM, you must have a DES license or a 3DES-AES license. For more information, see Appendix A, "Obtaining a DES License or a.... You can perform the configuration steps using ASDM. However, the procedures in this chapter refer to the method using either the browser-based Cisco Adaptive Security Device Manager (ASDM) or the command-line interface (CLI).
Getting Started Guide
Page 12
... a factory-default configuration that enables quick startup. About the Adaptive Security Device Manager PIX 515E Security Appliance Getting Started Guide 1-6 78-17645-01 Setting Up the Security Appliance Chapter 1 Installing and Setting Up the PIX 515E Security Appliance About the Factory-Default Configuration Cisco security appliances are shipped with a default DHCP address pool. The factory-default...
... a factory-default configuration that enables quick startup. About the Adaptive Security Device Manager PIX 515E Security Appliance Getting Started Guide 1-6 78-17645-01 Setting Up the Security Appliance Chapter 1 Installing and Setting Up the PIX 515E Security Appliance About the Factory-Default Configuration Cisco security appliances are shipped with a default DHCP address pool. The factory-default...
Getting Started Guide
Page 13
... Appliance Command Line Configuration Guide and the Cisco Security Appliance Command Reference. For more information, see Appendix A, "Obtaining a DES License or a 3DES-AES License" for information about how to obtain and activate one of your web browser. 78-17645-01 PIX 515E Security Appliance Getting Started Guide 1-7 This section describes how to use the Startup...
... Appliance Command Line Configuration Guide and the Cisco Security Appliance Command Reference. For more information, see Appendix A, "Obtaining a DES License or a 3DES-AES License" for information about how to obtain and activate one of your web browser. 78-17645-01 PIX 515E Security Appliance Getting Started Guide 1-7 This section describes how to use the Startup...
Getting Started Guide
Page 14
...static IP address to your browser and the security appliance. b. Remember to add the "s" in "https" or the connection fails. PIX 515E Security Appliance Getting Started Guide 1-8 78-17645-01 Start ASDM. a. Alternatively, you use a static IP address, use any other interfaces to be configured. •...the security appliance, perform the following information: • A unique hostname to identify the security appliance on the rear panel of the PIX 515E. HTTPS (HTTP over SSL) provides a secure connection between your PC. In the address field of 192.168.1.1. Note The security ...
...static IP address to your browser and the security appliance. b. Remember to add the "s" in "https" or the connection fails. PIX 515E Security Appliance Getting Started Guide 1-8 78-17645-01 Start ASDM. a. Alternatively, you use a static IP address, use any other interfaces to be configured. •...the security appliance, perform the following information: • A unique hostname to identify the security appliance on the rear panel of the PIX 515E. HTTPS (HTTP over SSL) provides a secure connection between your PC. In the address field of 192.168.1.1. Note The security ...