a) Reset to Factory Defaults
Connect to the ASA with the console cable. After booting you see the prompt
hostname>
Enter "en" (enable) to enter the EN-Mode, you have now the promt
hostname#
Enter "conf t" (configure terminal). The prompt now change to
hostname(config)#
Enter "config factory-default" and press space when ----more---- comes (several times). After this is done you can configure the new default ip with
inter vlan1
ip address 192.168.x.y 255.255.255.0
where x.y is the local IP of the ASA and 255.255.255.0 is the subnet.
With
reload save-config noconfirm
you reboot the ASA. Note that after the reboot after en the prompt "password" comes up - press enter, the password may be empty!
b) Disable the DHCP-Server
Open the command-line
Go to the Configure-Mode with
en
conf t
disable the DHCP with
no dhcpd enable inside
Save with
wr
c) Configure SSH
Generate a crypto-key with (in conf-t mode):
crypto key generate rsa modulus 2048
Allow access to ssh from the inside network:
ssh 192.168.91.0 255.255.255.0 inside
(assume that 192.168.91.0 is your internal network)
d) Enable http-Server
Enable the http-Server with
enable http server
Allow access to https with
http 192.168.91.0 255.255.255.0 inside
(assuming 192.168.91.0 is your internal network)
Now the asa should be reachable with