cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


1703
Views
0
Helpful
4
Replies
Highlighted
Beginner

Cannot connect to ASA with ASDM or SSH - Firewall running ok

    Hi all

I have an ASA 5510 in a live environment. Up til a short while ago I could access this via the ASDM and ssh. However I can no longer connect to it via

eithier. When I access It via SSH I get a disclaimer saying the following

*** You have entered a restricted zone! Authorized access only!!! Disconnect immediately if you are not authorized user! ***

It then cuts me off.

When I try to access the ASDM I get the following

Capture.PNG

The firewall is running all its services without a problem and I can ping the device without any issues. Also none of the config (to my knpowledge has been changed). I set up a console session and http server enable is still there with

http 192.168.200.0 255.255.255.0 inside

Please could some one shed some light on this

thanks

4 REPLIES 4
Beginner

Re: Cannot connect to ASA with ASDM or SSH - Firewall running ok

Just to add further details. Here is the config from the firewall

http server enable

http 192.168.200.0 255.255.255.0 inside

http 192.168.1.0 255.255.255.0 management

http 202.130.241.192 255.255.255.192 outside

http 192.168.100.0 255.255.252.0 outside

I ran a packet tracer on the inside interface for ssh running from my machine 192.168.102.46 to the firewall 192.168.200.1

it allowed everything through until the last hurdle

Result:

input-interface: inside

input-status: up

input-line-status: up

output-interface: NP Identity Ifc

output-status: up

output-line-status: up

Action: drop

Drop-reason: (no-adjacency) No valid adjacency

Beginner

Cannot connect to ASA with ASDM or SSH - Firewall running ok

Reboots the firewall it is now resolved a possible issue with the management engine

Cisco Employee

Cannot connect to ASA with ASDM or SSH - Firewall running ok

Hi James,

With limited info available:

http 192.168.100.0 255.255.252.0 outside                    << So I expect 192.168.100.0 255.255.252.0 to be on outside.

But as per "I ran a packet tracer on the inside interface for ssh running from my machine 192.168.102.46 to the firewall 192.168.200.1" 192.168.102.46 is on inside. So, above command should look like:

no http 192.168.100.0 255.255.252.0 outside

http 192.168.100.0 255.255.252.0 inside

Since, it works after reboot of ASA, are you still accessing ASA using ASDM from same source IP?

-

Sourav Kakkar

Beginner

Cannot connect to ASA with ASDM or SSH - Firewall running ok

yes same source IP