Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1089
Views
0
Helpful
9
Replies

ASA 5545 ASDM

Go to solution
mudasir05
Level 1
Level 1

‎10-13-2014 11:55 PM - edited ‎03-11-2019 09:55 PM

 

Hello All,

 

Iam new to Network Security (firewall).

I just need to know the steps to access ASA through asdm for the first time.

Also let the know to which port of ASA I need to connect the cable from my PC.

 

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni
In response to mudasir05

‎10-14-2014 12:37 AM

Hi,

 

So you say that you have a Router behind the internal interface of the ASA and that they are connected using the subnet 192.168.1.0/24? This would likely mean that there is some other subnet behind the Router where the actual hosts are located at?

 

If that is the case then you would need an additional command for the subnet where the users are.

 

http <user subnet> <mask> inside

 

You would also naturally have to make sure that the ASA has the "route" for the user subnet pointing towards the Router IP address

 

route inside <user subnet> <mask> 192.168.1.2

 

But if you actually have hosts in the subnet 192.168.1.0/24 between the ASA and the Router then you should be able to access ASDM currently. If you dont have the ASDM on your computer then you should connect to the ASA interface with the browser "https://192.168.1.1/"

 

- Jouni

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎10-14-2014 12:04 AM

Hi,

 

To my understanding ASAs usually come with a guide to get started and this usually includes instructions on how to connect to the ASA using ASDM.

 

I think by default the Management port on the ASA should have an IP address and DHCP Server running. So if you connect your PC to that port with DHCP enabled you can probably easily connect to the ASA using ASDM.

 

Here is a link to the Quick Start Guide

http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/5500X/5500x_quick_start.html#pgfId-35215

 

Naturally if you are having problems with ASDM it might even be problem with the current Java version.

 

- Jouni

0 Helpful

Go to solution
mudasir05
Level 1
Level 1
In response to Jouni Forss

‎10-14-2014 12:11 AM

 

Thanks Jouni for ur reply...

Is it possible to access ASDM through the console port of the ASA.

 

Thanks

 

 

0 Helpful

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni
In response to mudasir05

‎10-14-2014 12:16 AM

Hi,

 

No, its only meant for CLI access of the ASA.

 

Later when you configure additional interfaces on the ASA you can configure any of them for ASDM access depending on where the users who need ASDM access are located at.

 

- Jouni

0 Helpful

Go to solution
mudasir05
Level 1
Level 1
In response to Jouni Forss

‎10-14-2014 12:32 AM

 

appreciate ur help...

 

on my ASA gig 0/1(inside) port i have assigned ip 192.168.1.1/24 and this port is connected to the router.The router ip is 192.168.1.2/24.

Moreover on ASA:http server enable

                             http 192.168.1.0 255.255.255.0 inside

is also present.

Plz let me know how to access asdm in this scenario.

Thanks

0 Helpful

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni
In response to mudasir05

‎10-14-2014 12:37 AM

Hi,

 

So you say that you have a Router behind the internal interface of the ASA and that they are connected using the subnet 192.168.1.0/24? This would likely mean that there is some other subnet behind the Router where the actual hosts are located at?

 

If that is the case then you would need an additional command for the subnet where the users are.

 

http <user subnet> <mask> inside

 

You would also naturally have to make sure that the ASA has the "route" for the user subnet pointing towards the Router IP address

 

route inside <user subnet> <mask> 192.168.1.2

 

But if you actually have hosts in the subnet 192.168.1.0/24 between the ASA and the Router then you should be able to access ASDM currently. If you dont have the ASDM on your computer then you should connect to the ASA interface with the browser "https://192.168.1.1/"

 

- Jouni

0 Helpful

Go to solution
mudasir05
Level 1
Level 1
In response to Jouni Forss

‎10-14-2014 01:04 AM

 

Yes Jouni you got it right,however currently i disconnected all the internal network.I have a asa connected to the router and thats it,now in order to access the asdm from the pc what all i need to do.

Do i need to enable dhcp on asa so that the pc will get the ip automatically.

Moreover my management port is having ip 192.168.2.100/24.

Thanks

0 Helpful

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni
In response to mudasir05

‎10-14-2014 01:10 AM

Hi,

 

Well I guess your main options are to connect a PC/Laptop to the Management port directly. If there is no DHCP configured for the port then configure the PC/Laptop to the same subnet as the Management interface and then connect to the ASA interface IP address with the browser using HTTPS.

 

You can naturally connect your PC/Laptop to the Router but in that case you have to make sure that the configurations I mentioned above are configured on the ASA for the host to be able to connect to the ASA from behind the Router.

 

- Jouni

0 Helpful

Go to solution
mudasir05
Level 1
Level 1
In response to Jouni Forss

‎10-14-2014 01:24 AM

thanks for ur help,i will try and will let u know...

 

 

0 Helpful

Go to solution
mudasir05
Level 1
Level 1
In response to mudasir05

‎10-20-2014 12:10 AM

 

thanks Jouni again,iam now able to access ASDM via the management port.

 

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card