ASA 5520 with GNS3

Navaz Wattoo
Level 1

Task: I want to configure the ASA 5520, which has version 8.4(2), through ASDM. Please also share the explorer version and Java version needed to access the ASA through ASDM.

Below is the configuration of the ASA.

Task: I want to access the ASA through ASDM. Please also share what the requirement is for the explorer version and the Java version.

Hi,

The problem here is that I cannot access the host or cloud from the ASA. The cloud is attached to the management interface of the Cisco ASA 5520, which has version 8.4(2), with security level 0.

Below is the configuration of the ASA:

 

ASA(config-if)# sh running-config
: Saved
:
ASA Version 8.4(2)
!
hostname ASA
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface GigabitEthernet0
 nameif managment
 security-level 0
 ip address 10.10.10.1 255.0.0.0
!
interface GigabitEthernet1
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet4
 shutdown
 no nameif
 no security-level
 no ip address
!
ftp mode passive
pager lines 24
mtu managment 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
!
!
prompt hostname context
call-home reporting anonymous prompt 2
call-home
 profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination address email callhome@cisco.com
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly
  subscribe-to-alert-group configuration periodic monthly
  subscribe-to-alert-group telemetry periodic daily
crashinfo save disable
Cryptochecksum:acc1558d4b61f4630f0e7a8304f80947
: end

 

 

The cloud IP is 10.10.10.5/8, and it is attached to the Cisco ASA 5520 management interface, which has security level 0. With the above configuration the two also cannot ping each other. I have also attached the topology with its interfaces.

Your discussion would be appreciated.

 

Thanks and Regards

Navaz

 

2 Replies

johnlloyd_13
Level 9

hi,

try adding these:

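int g0
 security-level 100
http server enable
! the address must be the network for the mask, and the interface name
! must match the nameif in the posted configuration ("managment")
http 10.0.0.0 255.0.0.0 managment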

 

make sure you've got ASDM uploaded in ASA flash and access it via HTTPS.

copy tftp://<TFTP SERVER IP ADDRESS>/<ASDM FILE NAME> flash

If I remember correctly it is only telnet that has the restriction of not being able to connect to an interface that is configured with a security level of 0.

That being said, in addition to what John has mentioned, issue the command dir to see if there is an ASDM image installed on the ASA. By default this image will not be present and you will need to copy it to the ASA. That means you will need to have a TFTP, FTP, SCP (or similar) server running on your PC. You might also need to allow the traffic from the PC to the ASA on that interface since it is a security level 0, though of this I am not sure if it NEEDS to be done, and I don't have an ASA to test on right now.

copy tftp flash

Once the image is copied over you need to enter the following commands:

asdm image <imagename.bin>
http server enable
! the interface name must match the nameif in the posted configuration ("managment")
http 10.10.10.5 255.255.255.255 managment
aaa authentication http console LOCAL
! or whichever username and password you choose
username cisco password cisco

Let us know how it goes

--

Please remember to select a correct answer and rate helpful posts
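
A check for the two things this thread turns on, that the HTTP server is enabled and that an `http` rule on a defined interface covers the client, as an added example that is not part of the original posts. The sample configuration is constructed, `check_asdm_access` is a hypothetical helper name, and treating an address with host bits set for its mask as invalid is an assumption about how the ASA parses the rule.

```python
import ipaddress
import re

# Constructed sample (not the poster's full config): one named interface and
# an http rule that refers to an interface name that is not defined.
SAMPLE = """\
interface GigabitEthernet0
 nameif managment
 security-level 0
 ip address 10.10.10.1 255.0.0.0
!
http server enable
http 10.0.0.0 255.0.0.0 inside
"""


def check_asdm_access(config, client_ip):
    """Return the problems that would keep client_ip from reaching ASDM."""
    problems = []
    nameifs = set(re.findall(r"^ *nameif (\S+)", config, re.M))
    if not re.search(r"^http server enable\s*$", config, re.M):
        problems.append("http server is not enabled")
    permitted = False
    # "http <address> <mask> <interface>" lines; "http server ..." is skipped
    for addr, mask, ifname in re.findall(r"^http (\d\S*) (\d\S*) (\S+)", config, re.M):
        if ifname not in nameifs:
            problems.append(f"http rule names undefined interface {ifname!r}")
            continue
        try:
            # strict parsing: the address must be the network for this mask
            net = ipaddress.ip_network(f"{addr}/{mask}")
        except ValueError:
            problems.append(f"{addr} {mask} is not a network/mask pair")
            continue
        if ipaddress.ip_address(client_ip) in net:
            permitted = True
    if not permitted:
        problems.append(f"no usable http rule permits {client_ip}")
    return problems


if __name__ == "__main__":
    for line in check_asdm_access(SAMPLE, "10.10.10.5"):
        print("PROBLEM:", line)
```

Paste the output of `show running-config` in place of `SAMPLE` and pass the management PC's address as `client_ip`.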
