Note : The router s used with hands-on lab s are Cisco 4221 with Cisco IOS XE Release 1 6.9.6 (universalk9 image). The ISP has assigned the public IP address space of 209.165.200.224/29, which will be used for address translation on the ASA. Layer 3 VLAN interfaces provide access to the three areas created in the lab: Inside, Outside, and DMZ. The ASA will be configured for management by an administrator on the internal network and the remote administrator. The ASA is an edge security device that connects the internal corporate network and DMZ to the ISP while providing NAT and DHCP services to inside hosts.
![failover configuration asa asdm failover configuration asa asdm](http://www.chicagotech.net/images/asafialover2.png)
R3 connects an administrator from a network management company, who has been hired to remotely manage your network. R2 represents an intermediate Internet router. R1 is a customer-premise equipment (CPE) device managed by the ISP. The scenario for this lab assumes your company has a location connected to an ISP. In Part 5, you will configure a DMZ on the ASA and provide access to a server in the DMZ. In Part 4, you will configure additional settings via the ASDM configuration menu. In Part 3, you will use the ASDM Startup wizard to configure basic ASA settings and the firewall between the inside and outside networks. In Part 2, you will prepare the ASA for Adaptive Security Device Manager (ASDM) access. In Part 1 of this lab, you will configure the topology and non-ASA devices. This lab uses the ASA GUI interface ASDM to configure basic device and security settings.
![failover configuration asa asdm failover configuration asa asdm](https://www.techrepublic.com/a/hub/i/2012/01/31/d5750ba2-c3a6-11e2-bc00-02911874f8c8/FW2-1.jpg)
Other devices will receive minimal configuration to support the ASA portion of the lab. The focus of this lab is to configure the ASA as a basic firewall. Inside users can access the DMZ and outside resources. It provides outside users with limited access to the DMZ and no access to internal resources. The ASA creates three security interfaces: Outside, Inside, and DMZ. This lab employs an ASA 550 6-X to create a firewall and protect an internal corporate network from external intruders while allowing internal hosts access to the Internet. The Cisco Adaptive Security Appliance (ASA) is an advanced network security device that integrates a stateful firewall, a VPN, and FirePOWER services. Part 5: Configur e DMZ, Static NAT, and ACLs Background /Scenario
![failover configuration asa asdm failover configuration asa asdm](https://www.cisco.com/c/dam/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118962-configure-asa-04.png)
Part 4 : Configur e ASA Settings from the ASDM Configuration Menu Part 3: Configur e ASA Settings and Firewall U sing the ASDM Startup Wizard Blank Line, No additional information Objective s