01-07-2013 01:41 AM - edited 03-11-2019 05:43 PM
Hi cisco support,
I would like to request any one from cisco support to help me. Before my senior staffs had configured ASA from CLI and it was implemented for some years. But after that they have not used this ASA. Now i have reset to factory-default as
conf t
clear configure all
wr
By executing above comments it shows completed reseting to factory-default.
After that when type:
#sh ru interface
This shows outputs as follows:
interface GigabitEthernet0/0
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/1
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
shutdown
no nameif
no security-level
no ip address
management-only
There was no default ip address 192.168.1.1 in interface Management0/0. So i got IP adddres by using
config factory-default command. out put look as follows:
#config factory-default
Based on the management IP address and mask, the DHCP address packets): hardware (0/0) software (0/0)
pool size is reduced to 253 from the platform limit 256 output queue (curr/max p
WARNING: The boot system configuration will be cleared.
The first image found in disk0:/ will be used to boot the
system on the next reload.
Verify there is a valid image on disk0:/ or the system will
not boot.
Begin to apply factory-default configuration:
Clear all configuration
WARNING: DHCPD bindings cleared on interface 'management', address pool removed
Executing command: interface management0/0
Executing command: nameif management
INFO: Security level for "management" set to 0 by default.
Executing command: ip address 192.168.1.1 255.255.255.0
Executing command: security-level 100
Executing command: no shutdown
Executing command: exit
Executing command: http server enable
Executing command: http 192.168.1.0 255.255.255.0 management
Executing command: dhcpd address 192.168.1.2-192.168.1.254 management
Executing command: dhcpd enable management
Executing command: logging asdm informational
Factory-default configuration is completed
then when i type sh run int command. It looks as follows#sh ru int
GigabitEthernet0
!
interface GigabitEthernet0/010.10.10.1 255.255.255.
shutdown
no nameif
no security-level
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
So i can ping to 192.168.1.1. but could not get the web page when i type https://192.168.1.1/admin
Please help me.
Solved! Go to Solution.
01-07-2013 02:04 AM
Hi,
add this: asdm image disk0:/"asdm file name"
then try again like this https://192.168.1.1
Regards.
Alain
Don't forget to rate helpful posts.
01-07-2013 02:09 AM
to be able to access ASA from web page you will need to configure ASDM, you will need to check if your ASA has ASDM file on the flash or not, it can be checked by using "dir disk0:" command. once you determine there is ASDM file on the flash, you can start configuring it, by using below template:
username
aaa authentication http console LOCAL
http server enable
asdm image disk0:
http
01-07-2013 02:04 AM
Hi,
add this: asdm image disk0:/"asdm file name"
then try again like this https://192.168.1.1
Regards.
Alain
Don't forget to rate helpful posts.
01-07-2013 09:33 PM
Hi Alain,
Thanks for your help. when i add asdm image disk0:/"asdm file name". i could open web pages.
Regards
Karma
03-05-2013 05:27 AM
Hi Alain,
please help me to solve the problem, Last time when a added asdm image disk0:/"asdm file name" i could access Cisco ASA on web page, but it is not working, please help me,
For your references following are the information;
//To show the current running interface
#sh ru int
GigabitEthernet0
!
interface GigabitEthernet0/0
shutdown
no nameif
no security-level
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
ciscoasa# show flash
--#-- --length-- -----date/time------ path
63 14524416 Nov 26 2008 23:59:02 asa724-k8.bin
64 4181246 Jan 01 2003 00:07:52 securedesktop-asa-3.2.1.103-k9.pkg
65 398305 Jan 01 2003 00:08:14 sslclient-win-1.1.0.154.pkg
6 8192 Sep 22 2008 17:24:26 crypto_archive
66 6514852 Sep 22 2008 17:40:56 asdm-524.bin
68 6889764 Nov 27 2008 00:06:04 asdm-602.bin
2 8192 Nov 27 2008 01:18:04 log
255426560 bytes total (222527488 bytes free)
ciscoasa# dir disk0:
Directory of disk0:/
63 -rwx 14524416 23:59:02 Nov 26 2008 asa724-k8.bin
64 -rwx 4181246 00:07:52 Jan 01 2003 securedesktop-asa-3.2.1.103-k9.pk
g
65 -rwx 398305 00:08:14 Jan 01 2003 sslclient-win-1.1.0.154.pkg
6 drwx 8192 17:24:26 Sep 22 2008 crypto_archive
66 -rwx 6514852 17:40:56 Sep 22 2008 asdm-524.bin
68 -rwx 6889764 00:06:04 Nov 27 2008 asdm-602.bin
2 drwx 8192 01:18:04 Nov 27 2008 log
255426560 bytes total (222527488 bytes free)
i did even
#asdm image disk0:/asdm-524.bin
#asdm image disk0:/asdm-602.bin
please help.
03-05-2013 08:14 AM
Hi karma,
could you please confirm what image file is configured as of now ? I believe ASDM image disk0:/asdm-602.bin is not supportive with your current IOS 7.2.4..You can test same with ASDM image 5.2.4 or 5.2.5.
Regards,
Saurabh
03-06-2013 05:47 AM
Hi saurabh,
Actually i am new to Cisco ASA and i don't know how to configure it. Just learning from the manual guide, right now i could find
asdm image disk0:/asdm-524.bin
asdm image disk0:/asdm-602.bin
when the ASDM image is 5.2.4 and 6.0.2 it is not accesible in browser. So if i need to configure image 5.2.4 what all i need to do. Please guide me
your help and support is always appreciated.
Regards
karma
03-07-2013 01:14 AM
so it was working and not anymore? what have you changed on the config? try to remove the asdm image disk0:/asdm-602.bin command and please post you running config as well.
03-07-2013 03:39 AM
Hi Sanjoko
I have posted following for your references
#show flash
--#-- --length-- -----date/time------ path
63 14524416 Nov 26 2008 23:59:02 asa724-k8.bin
64 4181246 Jan 01 2003 00:07:52 securedesktop-asa-3.2.1.103-k9.pkg
65 398305 Jan 01 2003 00:08:14 sslclient-win-1.1.0.154.pkg
6 8192 Sep 22 2008 17:24:26 crypto_archive
66 6514852 Sep 22 2008 17:40:56 asdm-524.bin
68 6889764 Nov 27 2008 00:06:04 asdm-602.bin
2 8192 Nov 27 2008 01:18:04 log
ciscoasa(config)# sh run
ASA Version 8.0(2)
!
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
names
!
interface GigabitEthernet0/0
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/1
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address!
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
!
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
pager lines 24
logging asdm informational
mtu management 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
no crypto isakmp nat-traversal
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
!
threat-detection basic-threat
threat-detection statistics access-list
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:b6965df6235c81d8f47987003b4584ae
: end
Thanks in advance. Your help is appreciated,
regards
karma
03-07-2013 03:53 AM
Based on your show run, it looks like the asa is running version 8.0(2) but I don't see the file on the flash, so please provide the output from show version for verification and I see that there are two lines of asdm image disk0:/asdm-524.bin, try to erase both lines, restart the ASA and reapply the command. Where are you accessing the ASA from? What's the ip address of the host? Can you ping from that host to the ASA? I assume it is connected to management interface. One last thing, you said that it is not working anymore, have you got any error messages?
01-07-2013 02:09 AM
to be able to access ASA from web page you will need to configure ASDM, you will need to check if your ASA has ASDM file on the flash or not, it can be checked by using "dir disk0:" command. once you determine there is ASDM file on the flash, you can start configuring it, by using below template:
username
aaa authentication http console LOCAL
http server enable
asdm image disk0:
http
01-08-2013 03:24 AM
hi sanjoko
thanks for your help. web page is accessable by using
asdm image disk0:/"asdm file name"
regards
karma
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide