03-21-2013 11:14 PM - edited 03-11-2019 06:18 PM
Hey Folks,
I am trying to get this new firewall up and I think I have everything configured for ASDM to run but, when I try to open the page to download the launcher I get nothing. Below are the relevant configs...
interface Management0/0
nameif management
security-level 100
ip address 10.32.85.25 255.255.255.0
management-only
FW# sho run asdm
asdm image disk0:/asdm-66114.bin
no asdm history enable
FW# dir
Directory of disk0:/
2 drwx 4096 16:47:32 Jan 22 2013 log
5 drwx 4096 16:47:48 Jan 22 2013 crypto_archive
92 -rwx 0 16:47:50 Jan 22 2013 nat_ident_migrate
13 drwx 4096 16:47:50 Jan 22 2013 coredumpinfo
102 -rwx 34523136 16:51:42 Jan 22 2013 asa861-2-smp-k8.bin
103 -rwx 17851400 16:56:30 Jan 22 2013 asdm-66114.bin
104 -rwx 12998641 17:00:44 Jan 22 2013 csd_3.5.2008-k9.pkg
105 drwx 4096 17:00:46 Jan 22 2013 sdesktop
106 -rwx 6487517 17:00:46 Jan 22 2013 anyconnect-macosx-i386-2.5.2014-k9.pkg
107 -rwx 6689498 17:00:46 Jan 22 2013 anyconnect-linux-2.5.2014-k9.pkg
108 -rwx 4678691 17:00:46 Jan 22 2013 anyconnect-win-2.5.2014-k9.pkg
http server enable
http 10.0.0.0 255.0.0.0 management
http 10.32.170.106 255.255.255.255 management
Gateway of last resort is 10.32.85.1 to network 0.0.0.0
C 10.32.85.0 255.255.255.0 is directly connected, management
C 10.35.181.0 255.255.255.240 is directly connected, inside
C X.X.X.0 255.255.255.240 is directly connected, outside
S* 0.0.0.0 0.0.0.0 [1/0] via 10.32.85.1, management
My host address is 10.32.170.106,.what am I missing?????
Solved! Go to Solution.
03-21-2013 11:58 PM
Maybe as usual, add this to your config:
ssl encryption aes128-sha1 3des-sha1
03-21-2013 11:58 PM
Maybe as usual, add this to your config:
ssl encryption aes128-sha1 3des-sha1
03-22-2013 04:06 AM
Hi
give the command.
hostname(config)# crypto key generate rsa modulus 1024
Hope so you would be able to access using ASDM
03-22-2013 07:20 AM
is your new firewall is an asa-x series? can you ping the asa management ip address from the host?
03-22-2013 02:58 PM
The management interface is designed for management not to be a routed interface this should be your inside address. Also the management interface has its own physical port, if the management port is not physical connected to your network at the moment you could instead try :
A) if you can ping your inside interface from your host
B) if yes then add http 10.0.0.0 255.0.0.0 inside and see if you cant access the ADSM now
Next I noticed your routing table, typicall your default route is the unknown world e.g outside interface,
where as you have static routes or other means of publishing your inside network.
Gateway of last resort is 10.32.85.1 to network 0.0.0.0
C 10.32.85.0 255.255.255.0 is directly connected, management
C 10.35.181.0 255.255.255.240 is directly connected, inside
C X.X.X.0 255.255.255.240 is directly connected, outside
S* 0.0.0.0 0.0.0.0 [1/0] via 10.32.85.1, management
Beside that you have the min. required config in place for it to work.
asdm image disk0:/asdm-66114.bin
http server enable
http 10.0.0.0 255.0.0.0 management (alternative http 10.0.0.0 255.0.0.0 inside)
+ the image loaded
03-22-2013 03:12 PM
did you create a user with pril level 15? also define a subnet that can access the ASA via ASDM?
http 192.168.1.0 255.255.255.0 management
03-24-2013 10:22 PM
Hi,
Just use JAVA 6, this will solve your problem..
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide