2208 Views, 0 Helpful, 17 Replies

ASA5506-X Certification and asdm

Roza12 (Level 1)

Hi everyone,

This is the first time for me configuring an ASA5506-X in the CLI, and I want to configure EZVPN client mode on this device.

I have 2 questions:

1- When I did (sh running-config & sh crypto ca certificates), why couldn't I find any certificate?

2- ASDM is not working although the image already exists?

And I configured:

interface GigabitEthernet1/1
 nameif outside
 security-level 0
 ip address dhcp setroute
!
interface GigabitEthernet1/2
 nameif inside
 security-level 100
 ip address 192.168.1.100 255.255.255.0

 

17 Replies

Abheesh Kumar (VIP Alumni)

Hi,

1. For the certificates, either you need to install a certificate or you need to generate a self-signed certificate. Only then will it be listed.

2. For ASDM access, did you enable the below commands?

asdm image disk0:/asdm-XXXX.bin
aaa authentication http console LOCAL
http server enable
http 0.0.0.0 0.0.0.0 inside

 

HTH

Abheesh

Hi,

Thanks for your reply.

How do I generate a self-signed certificate?

For ASDM I did all that configuration; right now I'm connecting the firewall directly to the PC, but nothing works.

Hi,

To generate the self-signed certificate:

hostname XXX
domain-name mydomain.com
crypto key generate rsa label ezvpnkeypair modulus 1024
crypto ca trustpoint self
 enroll self
 fqdn vpn.mydomain.com
 subject-name CN=vpn.mydomain.com
 keypair ezvpnkeypair
crypto ca enroll self noconfirm

Apply the new certificate:

ssl trust-point self outside

For ASDM, are you accessing it from the inside interface or from any other?

 

HTH

Abheesh

The configuration is as below:
hostname FW1
domain-name net.local
enable password xxx
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
names

!
interface GigabitEthernet1/1
nameif outside
security-level 0
ip address dhcp setroute
!
interface GigabitEthernet1/2
nameif inside
security-level 100
ip address 192.168.1.100 255.255.255.0
!
interface GigabitEthernet1/3
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/4
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/5
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/6
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/7
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/8
shutdown
no nameif
no security-level
no ip address
!
interface Management1/1
management-only
shutdown
no nameif
no security-level
no ip address
!
ftp mode passive
clock timezone CEST 1
clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
dns server-group DefaultDNS
domain-name dki-group.local
pager lines 24
mtu outside 1500
mtu inside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-782.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
arp rate-limit 16384
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
timeout conn-holddown 0:00:15
timeout igp stale-route 0:01:10
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
aaa authentication http console LOCAL
aaa authentication telnet console LOCAL
aaa authentication login-history
http server enable
http 192.168.1.0 255.255.255.0 inside
http 25.45.255.18 255.255.255.255 outside
http 187.14.09.12 255.255.255.255 outside
http 185.11.16.30 255.255.255.255 outside
http 18.27.26.40 255.255.255.255 outside
http 80.16.15.12 255.255.255.255 outside
no snmp-server location
no snmp-server contact
service sw-reset-button
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpool policy
telnet 10.10.0.4 255.255.255.255 outside
telnet 10.10.0.4 255.255.255.255 inside
telnet 192.168.1.0  255.255.255.0 inside
telnet timeout 60
ssh stricthostkeycheck
ssh 187.14.09.12 255.255.255.255 outside
ssh 185.11.16.30 255.255.255.255 outside
ssh 18.27.26.40 255.255.255.255 outside
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
management-access inside

threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
dynamic-access-policy-record DfltAccessPolicy
username KOLFW0001 password $sha512$5000$W0ZeAv2Ibchd6ui4NeeCjw==$clmqco8pghXIY2LMIM7wfA== pbkdf2
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
inspect dns preset_dns_map
policy-map type inspect dns migrated_dns_map_2
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email callhome@cisco.com
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:b07eabf72b3ed6eee5c0aaecb6741bef

Hi,
If your PC is also in the same range as the inside subnet, then from the browser try to open https://192.168.1.100

or

create a route for the PC subnet:

route inside <your PC subnet> <mask> <next hop>

e.g.: route inside 192.168.20.0 255.255.255.0 192.168.100.1


HTH
Abheesh

I have tried that, but nothing appears and it says:

This site can't be reached

What is your PC subnet range?

My PC is configured with DHCP automatically.

Is that IP in the same range as the ASA inside IP?
Please share your PC IP.

No, in a different range: 172.16.20.7

Add a route in the ASA like below:
route inside 172.16.20.7 255.255.255.255 <next hop IP>

and add the http access:

http 172.16.20.7 255.255.255.255 inside
or

http 0.0.0.0 0.0.0.0 inside


HTH
Abheesh

It didn't accept the route; it said error and inconsistent.

What is the route you added?

route inside 172.16.20.7 255.255.255.255 172.16.20.1

http 172.16.20.7 255.255.255.255 inside

Now it accepts the commands, but it's still not working.
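Editor's added example, not code from Cisco or from anyone in this thread: a small offline linter that takes an ASA running-config as text and reports (a) why ASDM over HTTPS from a given client would fail, covering the prerequisites listed in the first reply and the subnet/route discussion at the end of the thread, and (b) management-plane settings a reviewer would flag in the posted config (management open from outside, telnet, the dh-group1-sha1 SSH key exchange). It also checks the RSA modulus in a `crypto key generate rsa` command like the one in the self-signed-certificate reply. The ASA_CONFIG excerpt is trimmed from the poster's config; the client address 172.16.20.7 is the one the poster gave. Function names, the 2048-bit minimum and the message wording are the editor's choices.

```python
"""Offline ASDM-reachability and management-exposure checks for an ASA config."""
import ipaddress
import re

# Trimmed from the running-config posted above (one outside ssh line is
# replaced by another of the poster's, since 187.14.09.12 has a leading zero
# that Python's ipaddress rejects).
ASA_CONFIG = """\
interface GigabitEthernet1/1
nameif outside
security-level 0
ip address dhcp setroute
interface GigabitEthernet1/2
nameif inside
security-level 100
ip address 192.168.1.100 255.255.255.0
asdm image disk0:/asdm-782.bin
aaa authentication http console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 inside
http 25.45.255.18 255.255.255.255 outside
telnet 10.10.0.4 255.255.255.255 outside
telnet 192.168.1.0 255.255.255.0 inside
ssh 185.11.16.30 255.255.255.255 outside
ssh 0.0.0.0 0.0.0.0 inside
ssh key-exchange group dh-group1-sha1
"""

IPV4 = r"(\d{1,3}(?:\.\d{1,3}){3})"


def parse_interfaces(cfg):
    """Map nameif -> ip_interface for interfaces with a static address.
    Works on the flat (unindented) form the forum paste has."""
    ifaces, name = {}, None
    for raw in cfg.splitlines():
        line = raw.strip()
        if line.startswith("interface "):
            name = None
        elif line.startswith("nameif "):
            name = line.split()[1]
        elif line.startswith("ip address ") and name:
            parts = line.split()
            if parts[2] != "dhcp":  # 'ip address dhcp setroute' has no static net
                ifaces[name] = ipaddress.ip_interface(f"{parts[2]}/{parts[3]}")
    return ifaces


def mgmt_acl(cfg, proto):
    """(network, interface) pairs from 'http|ssh|telnet <addr> <mask> <if>' lines.
    'http server enable' and 'ssh timeout 5' do not match the pattern."""
    pat = re.compile(rf"^{proto} {IPV4} {IPV4} (\S+)\s*$", re.M)
    return [(ipaddress.ip_network(f"{a}/{m}", strict=False), i)
            for a, m, i in pat.findall(cfg)]


def asdm_findings(cfg, client_ip, client_if="inside"):
    """Reasons ASDM (HTTPS) from client_ip arriving on client_if would fail."""
    f = []
    for needed in ("asdm image disk0:/", "http server enable",
                   "aaa authentication http console"):
        if not re.search(rf"^{re.escape(needed)}", cfg, re.M):
            f.append(f"missing: {needed}")
    client = ipaddress.ip_address(client_ip)
    iface = parse_interfaces(cfg).get(client_if)
    if iface is None:
        f.append(f"no static address on {client_if}")
    elif client not in iface.network:
        # A directly attached PC outside the interface subnet cannot ARP for
        # the ASA, and the ASA's 'route inside ... <gw>' needs a gateway that
        # is itself on that subnet; re-address the PC instead.
        f.append(f"{client} is not on {iface.network} of {client_if}; "
                 f"a directly attached PC must use an address in that subnet")
    if not any(client in net and i == client_if for net, i in mgmt_acl(cfg, "http")):
        f.append(f"no 'http <net> <mask> {client_if}' line covers {client}")
    return f


def exposure_findings(cfg):
    """Management-plane settings a reviewer would flag."""
    f = []
    for proto in ("http", "ssh", "telnet"):
        for net, i in mgmt_acl(cfg, proto):
            if i == "outside":
                f.append(f"{proto} management open from {net} on outside")
    if mgmt_acl(cfg, "telnet"):
        f.append("telnet enabled: cleartext logins; use ssh instead")
    if re.search(r"^ssh key-exchange group dh-group1-sha1", cfg, re.M):
        f.append("ssh key-exchange dh-group1-sha1 is 768-bit DH; use dh-group14 or newer")
    return f


def rsa_modulus_ok(cmd, minimum=2048):
    """True if a 'crypto key generate rsa ... modulus N' command meets the minimum
    (2048 is the editor's floor; NIST disallowed 1024-bit RSA after 2013)."""
    m = re.search(r"\bmodulus (\d+)", cmd)
    return bool(m) and int(m[1]) >= minimum


if __name__ == "__main__":
    for line in asdm_findings(ASA_CONFIG, "172.16.20.7") + exposure_findings(ASA_CONFIG):
        print("-", line)
    print("modulus 1024 acceptable:",
          rsa_modulus_ok("crypto key generate rsa label ezvpnkeypair modulus 1024"))
```

Run against the thread's own numbers, the script reports that 172.16.20.7 is not on 192.168.1.0/24 and that no `http ... inside` line covers it, which is the real reason the browser shows "This site can't be reached" even after the `route inside` line is accepted; giving the PC a 192.168.1.x address (the ASA has no DHCP server configured on inside) clears both findings. The exposure checks are the editor's additions for the posted config: http, ssh and telnet are reachable from outside addresses, telnet is enabled at all, and the SSH key exchange is dh-group1-sha1. The modulus check is aimed at the `modulus 1024` in the self-signed-certificate steps; use 2048 or larger when you follow them.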
