en
config t
write erase
config factory-default (space through all the pages)
reload (Don’t save current config)
Say no to interactive prompts
en (There's no password)
config t
enable password [specify enable password]
hostname [Your Hostname]
interface vlan 1
description [VLAN 1 free-form description]
security-level 0
nameif outside
ip address [public ip] [mask] (If you’re using DHCP, replace with “ip address dhcp setroute”)
interface vlan 2
interface ethernet0/0
interface ethernet0/1
switchport access vlan 2
no shutdown
interface ethernet0/2
switchport access vlan 2
no shutdown
interface ethernet0/3
switchport access vlan 2
no shutdown
interface ethernet0/4
switchport access vlan 2
no shutdown
interface ethernet0/5
switchport access vlan 2
no shutdown
interface ethernet0/6
switchport access vlan 2
no shutdown
interface ethernet0/7
switchport access vlan 2
no shutdown
show switch vlan
crypto key generate rsa modulus 1024 (type yes for confirmation)
ssh [network allowed to ssh] [mask] inside
ssh timeout 10
ssh version 2
username [specify username] password [specify password] privilege 15
aaa authentication ssh console LOCAL
show run ssh
route outside 0 0 [ISP Gateway] 1 (This setups the default route)
global (outside) 1 interface
nat (inside) 1 [IP address/network for PAT] [mask]
http server enable (requires port if accessing from outside)
http [Allow IP Address(s)] [Mask]
policy-map global_policy
class inspection_default
inspect icmp
end
wr m
reload
show running-config (To check that everything is ok)