2-2
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Chapter 2 Getting Started
Factory Default Configurations
The factory default configuration is available only for routed firewall mode and single context mode.
See Chapter 3, “Enabling Multiple Context Mode,” for more information about multiple context mode.
See the “Setting Transparent or Routed Firewall Mode” section on page 2-5 for more information about
routed and transparent firewall mode.
This section includes the following topics:
• Restoring the Factory Default Configuration, page 2-2
• ASA 5505 Default Configuration, page 2-2
• ASA 5510 and Higher Default Configuration, page 2-3
• PIX 515/515E Default Configuration, page 2-4
Restoring the Factory Default Configuration
To restore the factory default configuration, enter the following command:
hostname(config)# configure factory-default [ip_address [mask]]
If you specify the ip_address, then you set the inside or management interface IP address, depending on
your model, instead of using the default IP address of 198.168.1.1. The http command uses the subnet
you specify. Similarly, the dhcpd address command range consists of addresses within the subnet that
you specify.
After you restore the factory default configuration, save it to internal Flash memory using the write
memory command. The write memory command saves the running configuration to the default location
for the startup configuration, even if you previously configured the boot config command to set a
different location; when the configuration was cleared, this path was also cleared.
Note This command also clears the boot system command, if present, along with the rest of the configuration.
The boot system command lets you boot from a specific image, including an image on the external Flash
memory card. The next time you reload the security appliance after restoring the factory configuration,
it boots from the first image in internal Flash memory; if you do not have an image in internal Flash
memory, the security appliance does not boot.
To configure additional settings that are useful for a full configuration, see the setup command.
ASA 5505 Default Configuration
The default factory configuration for the ASA 5505 adaptive security appliance configures the
following:
• An inside VLAN 1 interface that includes the Ethernet 0/1 through 0/7 switch ports. If you did not
set the IP address in the configure factory-default command, then the VLAN 1 IP address and mask
are 192.168.1.1 and 255.255.255.0.
• An outside VLAN 2 interface that includes the Ethernet 0/0 switch port. VLAN 2 derives its IP
address using DHCP.
• The default route is also derived from DHCP.
• All inside IP addresses are translated when accessing the outside using interface PAT.
• By default, inside users can access the outside with an access list, and outside users are prevented
from accessing the inside.
To Next Page
Loading...
Need help?
General