01-25-2013 05:00 PM - edited 03-11-2019 05:52 PM
I do have one other question first. What's the effect of the
crypto key zeroize rsa
command, and then
crypto key generate rsa modulus 1024
while I'm SSH'd to the ASA? Can I do it? Or do i need to be consoled in or connected a different way?
OK, it's a customers ASA 5510:
ASA Version 8.4(1)
asdm image disk0:/asdm-641.bin
asdm history enable
http server enable
http 10.1.1.83 255.255.255.255 inside
http 10.1.1.82 255.255.255.255 inside
Shouldn't that right there be enough to access ASDM from either host .82 or .83? Because I cannot. But if I add
http 0.0.0.0 0.0.0.0 inside, then I of course can.
Any idea why?
Thank you.
01-25-2013 05:54 PM
Hi,
You will not loose ssh connectivity to the device when you run the following commands :
crypto key zeroize rsa
crypto key generate rsa modulus 1024
If you close the ssh session before running the second command, then you will loose connectivity over ssh and should get a console connection.
And with the asdm and http configuration you specified, you should be able to access the ASA on ASDM from .82 or .83.
You would not need the command 'http 0.0.0.0 0.0.0.0 inside' for this to work.
If it is not working, check the inside interface IP address and verify if it can reach .82 or .83 by running ping tests.
Narayana
01-26-2013 03:39 AM
I can SSH to the ASA from both those addresses so there is connectivity. Do i specifically need ICMP for anything? I don't have access to this site till Monday morning again so i can't test anything now. thanks for the input though.
Inside interface is on the same network.
interface Ethernet0/1
nameif inside
security-level 100
ip address 10.1.1.249 255.0.0.0
interface properties from one of the machines above:
Intel(R) 82578DM Gigabit Network Connection | 10.1.1.83 | 255.0.0.0 | 10.1.1.251
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide