I recently received a Cisco ASA 5506W-X for a Vulnerability Assessment
Step 1: Console into the ASA Device, get to enable prompt
Step 2: Copy and Paste the pieces of config you like seen below, CTRL^Z, write
Out of the Box with 9.7(1) use the LAN with DHCP to Surf the Internet: No Config Required!
Blog Post: Config Sourcefire on CLI to enable Control Panel | Reference Config: Cisco ASA-5506W-X Wireless Radio startup-config! START ! ! ASA Version 9.7(1) ! ! interface GigabitEthernet1/1 nameif outside security-level 0 ip address dhcp setroute ! interface GigabitEthernet1/2 bridge-group 1 nameif inside_1 security-level 100 ! interface GigabitEthernet1/3 bridge-group 1 nameif inside_2 security-level 100 ! interface GigabitEthernet1/4 bridge-group 1 nameif inside_3 security-level 100 ! interface GigabitEthernet1/5 bridge-group 1 nameif inside_4 security-level 100 ! interface GigabitEthernet1/6 bridge-group 1 nameif inside_5 security-level 100 ! interface GigabitEthernet1/7 bridge-group 1 nameif inside_6 security-level 100 ! interface GigabitEthernet1/8 bridge-group 1 nameif inside_7 security-level 100 ! interface GigabitEthernet1/9 nameif wifi security-level 100 ip address 192.168.10.1 255.255.255.0 ! interface Management1/1 management-only no nameif no security-level no ip address ! interface BVI1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 ! ftp mode passive dns domain-lookup inside_1 dns domain-lookup inside_2 dns domain-lookup inside_3 dns domain-lookup inside_4 dns domain-lookup inside_5 dns domain-lookup inside_6 dns domain-lookup inside_7 dns domain-lookup wifi dns domain-lookup inside dns server-group DefaultDNS name-server 8.8.8.8 name-server 4.4.4.4 same-security-traffic permit inter-interface object network obj_any1 subnet 0.0.0.0 0.0.0.0 object network obj_any2 subnet 0.0.0.0 0.0.0.0 object network obj_any3 subnet 0.0.0.0 0.0.0.0 object network obj_any4 subnet 0.0.0.0 0.0.0.0 object network obj_any5 subnet 0.0.0.0 0.0.0.0 object network obj_any6 subnet 0.0.0.0 0.0.0.0 object network obj_any7 subnet 0.0.0.0 0.0.0.0 object network obj_any_wifi subnet 0.0.0.0 0.0.0.0 object-group protocol TCPUDP protocol-object udp protocol-object tcp access-list traceroute remark Allow traceroute access-list traceroute extended permit icmp any any time-exceeded log access-list traceroute remark Allow traceroute access-list traceroute extended permit icmp any any unreachable log pager lines 24 logging enable logging buffer-size 640000 logging asdm-buffer-size 512 logging asdm notifications logging device-id string ciscoasa no logging message 106015 no logging message 313001 no logging message 313008 no logging message 106023 no logging message 710003 no logging message 106100 no logging message 302015 no logging message 302014 no logging message 302013 no logging message 302018 no logging message 302017 no logging message 302016 no logging message 302021 no logging message 302020 mtu outside 1500 mtu inside_1 1500 mtu inside_2 1500 mtu inside_3 1500 mtu inside_4 1500 mtu inside_5 1500 mtu inside_6 1500 mtu inside_7 1500 mtu wifi 1500 ip verify reverse-path interface wifi icmp unreachable rate-limit 10 burst-size 5 asdm history enable arp timeout 14400 no arp permit-nonconnected arp rate-limit 16384 ! object network obj_any1 nat (inside_1,outside) dynamic interface object network obj_any2 nat (inside_2,outside) dynamic interface object network obj_any3 nat (inside_3,outside) dynamic interface object network obj_any4 nat (inside_4,outside) dynamic interface object network obj_any5 nat (inside_5,outside) dynamic interface object network obj_any6 nat (inside_6,outside) dynamic interface object network obj_any7 nat (inside_7,outside) dynamic interface object network obj_any_wifi nat (wifi,outside) dynamic interface access-group traceroute in interface outside route outside 0.0.0.0 0.0.0.0 192.168.0.1 1 timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 timeout conn-holddown 0:00:15 timeout igp stale-route 0:01:10 user-identity default-domain LOCAL user-identity ad-agent event-timestamp-check aaa authentication ssh console LOCAL aaa authentication enable console LOCAL aaa authentication http console LOCAL aaa authentication telnet console LOCAL aaa authorization command LOCAL aaa authorization http console LOCAL http server enable http 192.168.1.0 255.255.255.0 inside_1 http 192.168.1.0 255.255.255.0 inside_2 http 192.168.1.0 255.255.255.0 inside_3 http 192.168.1.0 255.255.255.0 inside_4 http 192.168.1.0 255.255.255.0 inside_5 http 192.168.1.0 255.255.255.0 inside_6 http 192.168.1.0 255.255.255.0 inside_7 http 192.168.10.0 255.255.255.0 wifi no snmp-server location no snmp-server contact service sw-reset-button crypto ipsec security-association pmtu-aging infinite crypto ca trustpool policy telnet 192.168.1.0 255.255.255.0 inside_1 telnet 192.168.1.0 255.255.255.0 inside_2 telnet 192.168.10.0 255.255.255.0 wifi telnet timeout 5 ssh scopy enable ssh stricthostkeycheck ssh 192.168.1.0 255.255.255.0 inside_1 ssh 192.168.1.0 255.255.255.0 inside_2 ssh 192.168.10.0 255.255.255.0 wifi ssh timeout 5 ssh key-exchange group dh-group14-sha1 console timeout 0 dhcpd dns 8.8.8.8 dhcpd domain xss.cx ! dhcpd address 192.168.10.5-192.168.10.254 wifi dhcpd dns 8.8.8.8 4.4.4.4 interface wifi dhcpd domain xss.cx interface wifi dhcpd enable wifi ! dhcpd address 192.168.1.6-192.168.1.254 inside dhcpd dns 8.8.8.8 4.4.4.4 interface inside dhcpd domain xss.cx interface inside dhcpd enable inside ! threat-detection basic-threat threat-detection scanning-threat shun except ip-address 192.168.1.0 255.255.255.0 threat-detection scanning-threat shun except ip-address 192.168.10.0 255.255.255.0 threat-detection statistics threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200 ntp server 129.6.15.30 source outside prefer dynamic-access-policy-record DfltAccessPolicy ! class-map class_default class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 no tcp-inspection policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options inspect icmp inspect icmp error class class-default user-statistics accounting ! service-policy global_policy global prompt hostname context no call-home reporting anonymous hpm topN enable ! ! !END