
Cannot access https/ASDM via firepower asa 2120 inside interface

hinhnm
Level 1

Dear Team,

 

I have a new Cisco Firepower 2120 ASA and I can access HTTPS and ASDM via the default management port and IP address (192.168.45.1).

I have set the inside interface address to 10.x.x.x and allowed HTTPS/ASDM, but I cannot access it via this interface. Could you please help me to solve this issue?

 

Thank you very much.

 

9 Replies

Hi,
You don't appear to have defined a username, therefore you'd not be able to log in to the ASA. Configure a username, e.g. "username admin password YourPassword privilege 15"

HTH

Dear RJI, even though I have set a username and password, I still cannot access ASDM/HTTPS (ping to the inside interface is OK).

If I connect via the Mgmt interface address, I can access via HTTPS/ASDM without a username and password.

 

Thank you very much.

Ok.

 

If you look at the error in the browser it indicates "Cannot communicate securely with peer: no common algorithms" - have a look at this to resolve. I am not sure why you can connect with the mgmt interface though.

Dear RJI,

 

Yes, I have tried adding the ASA inside address to the allow list in Firefox, IE, and Chrome and configured TLS as per your guide, but the problem is still the same.

I also tried to configure SSL VPN, and when I access the outside interface the problem seems to be the same as on the inside interface; please see my attached image. Do I need to configure SSL/certificate on my ASA?

Thank you very much.

 

 

Hi, please provide the full configuration of the ASA.

Dear RJI,

 

Please see the file, thank you.

I have found this topic but am not sure whether it will solve my issue.

I'm waiting for the local vendor to help get the license because the Cisco website says that my device SN does not exist.

 

https://community.cisco.com/t5/network-security/dont-enable-asdm/td-p/3031164

 

My problem was solved after enabling the 3DES license. Thank you all for your support.

@hinhnm you have:

http 192.168.1.0 255.255.255.0 inside

...but all your inside routes are for 10.164.x.x. subnets. Thus the ASA won't use the proper interface to return incoming traffic from 192.169.1.0/24 that arrives on the inside interface.
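
The allow-list/route mismatch raised in the last reply can be checked mechanically. The following Python is an added example, not code from the thread or from Cisco: it reads the "http <net> <mask> <nameif>", "route <nameif> <net> <mask> <gw>" and interface "ip address" lines of an ASA config and reports allow-list entries whose source subnet has no connected network or static route on the interface named in the rule. The sample config and the function names are constructed for illustration, and the check does not model longest-prefix matching across interfaces.

```python
import ipaddress

# Constructed sample config (not the poster's file); addresses are placeholders.
SAMPLE_CONFIG = """\
interface Ethernet1/2
 nameif inside
 ip address 10.164.10.1 255.255.255.0
interface Management1/1
 nameif management
 ip address 192.168.45.1 255.255.255.0
route inside 10.164.0.0 255.255.0.0 10.164.10.254 1
http server enable
http 192.168.45.0 255.255.255.0 management
http 192.168.1.0 255.255.255.0 inside
http 10.164.20.0 255.255.255.0 inside
"""

def net(addr, mask):
    """Return the IPv4 network for addr/mask, or None if the tokens are not addresses
    (e.g. 'ip address dhcp setroute' or 'http redirect outside 80')."""
    try:
        return ipaddress.ip_network(f"{addr}/{mask}", strict=False)
    except ValueError:
        return None

def unreturnable_http_rules(config):
    """List (subnet, nameif) http rules with no covering route on that interface."""
    reachable, rules, nameif = {}, [], None
    for line in config.splitlines():
        w = line.split()
        if not w:
            continue
        if w[0] == "interface":
            nameif = None                      # new interface block, name not yet seen
        elif w[0] == "nameif" and len(w) == 2:
            nameif = w[1]
        elif w[:2] == ["ip", "address"] and nameif and len(w) >= 4 \
                and (n := net(w[2], w[3])) is not None:
            reachable.setdefault(nameif, []).append(n)   # connected network
        elif w[0] == "route" and len(w) >= 5 and (n := net(w[2], w[3])) is not None:
            reachable.setdefault(w[1], []).append(n)     # static route via this nameif
        elif w[0] == "http" and len(w) == 4 and (n := net(w[1], w[2])) is not None:
            rules.append((n, w[3]))
    return [(str(n), ifc) for n, ifc in rules
            if not any(n.subnet_of(r) for r in reachable.get(ifc, []))]

if __name__ == "__main__":
    for subnet, ifc in unreturnable_http_rules(SAMPLE_CONFIG):
        print(f"http {subnet} on '{ifc}': no return route via this interface")
```
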
