5-5
ASDM configuration guide
Chapter 5 Using the Startup Wizard
Startup Wizard Screens
Address Translation (NAT/PAT)
Configures NAT or PAT for inside addresses (the interface with the highest security level) when
accessing the outside (the interface with the lowest security level). See the “Configuring Dynamic NAT
or Dynamic PAT Using a PAT Pool” section on page 33-4 or the “Configuring Dynamic PAT (Hide)”
section on page 33-8 for more information.
Administrative Access
• Configures ASDM, Telnet, or SSH access. See the “Configuring Management Access” section on
page 40-3 for more information.
• To enable a secure connection to an HTTP server to access ASDM, check the Enable HTTP server
for HTTPS/ASDM access check box. See the “Configuring Management Access” section on
page 40-3 for more information.
• To allow ASDM to collect and display statistics, check the Enable ASDM history metrics check
box. See the “Enabling History Metrics” section on page 3-30 for more information.
IPS Basic Configuration (IPS SSP)
Configure the basic IPS SSP network configuration. These settings are saved to the IPS SSP
configuration, not the ASA configuration. You must configure initial settings for the IPS SSP using this
screen before you can complete your configuration from the Configuration > IPS pane.
To configure the IPS basic settings, perform the following steps:
Step 1 In the Network Settings area, configure the following:
• IP Address—The management IP address. By default, the address is 192.168.1.2.
• Subnet Mask—The subnet mask for the management IP address.
• Gateway—The IP address of the upstream router. By default, this IP address is the ASA
management IP address, 192.168.1.1.
• HTTP Proxy Server—(Optional) The HTTP proxy server address. You may need a proxy server to
download global correlation updates if your network uses proxy.
• HTTP Proxy Port—(Optional) The HTTP proxy server port.
• DNS Primary—(Optional) The primary DNS server address. If you are using a DNS server, you
must configure at least one DNS server and it must be reachable for global correlation updates to be
successful.
For global correlation to function, you must have either a DNS server or an HTTP proxy server
configured at all times. DNS resolution is supported only for accessing the global correlation update
server.
Step 2 In the Management Access List area, enter an IP address and subnet mask for any hosts that are allowed
to access the IPS SSP management interface, and click Add. You can add multiple IP addresses.
Step 3 In the Cisco Account Password area, set the password for the username “cisco” and confirm it. The
username “cisco” and this password are used for Telnet sessions from hosts specified by the management
access list and when accessing the IPS module from ASDM (Configuration > IPS). By default, the
password is cisco.