cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1297
Views
0
Helpful
7
Replies

Issue with ASDM - PIX 535

cjvalenc87
Level 1
Level 1

Hi, I have the following situation:

When I try to save changes done through ASDM I'm getting the following Error Message:

ASDMError.JPG

However, if I save the running-config through the CLI I have no problems, and the performance of the device seem to be ok, I mean, the only problem I have is when I try to save changes through the ASDM, the configuration is loaded without problem.

Can any body help me??

Thanks!!

7 Replies 7

Julio Carvajal
VIP Alumni
VIP Alumni

Hello Christian,

How, weird behavior.

Are you running any ASDM Role??

What is the ASDM Version you have  and Pix version?

Looking for some Networking Assistance? 
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Hi Julio.

Thanks for responding.

This is a part of show version from the PIX :

fwcol# sho ver

Cisco PIX Security Appliance Software Version 8.0(4)

Device Manager Version 6.1(5)

Compiled on Thu 07-Aug-08 19:42 by builders

System image file is "flash:/pix804.bin"

Config file at boot was "startup-config"

....

Hardware:   PIX-535, 1024 MB RAM, CPU Pentium III 1000 MHz

Sorry, I am not expert in ASDM, so how can I verify if am I running an ASDM role? could you explain your question again?

BR,

Hello Christian,

You are running the Cisco recommended version so wre are done there.

PIX 8.0(4)

ASDM 6.1(3)1 and later. Recommended: 6.1(5).

I mean if you enable any kind of authorization configuration on the Firewall?

Can you share the configuration,

Looking for some Networking Assistance? 
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Julio, thank you.

The authorization configurations on the firewall are given by the privilege levels configured for the local users.

What especific part of the configuration you want to share?

show run aaa

show run username for the user having the issue (just show us the privilege level)

show run privilege

Looking for some Networking Assistance? 
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

fw# sho run aaa

aaa authentication telnet console LOCAL

aaa authentication enable console LOCAL

aaa authentication ssh console LOCAL

aaa authorization command LOCAL

aaa accounting enable console TACACS+

aaa accounting ssh console TACACS+

aaa accounting telnet console TACACS+

aaa accounting command TACACS+

----

fw# sho run username cxxxxx

username cxxxxx password XXXXXX encrypted privilege 15

-----

fw# sho run privileg

privilege cmd level 1 mode exec command logout

privilege cmd level 1 mode exec command disable

privilege cmd level 3 mode exec command perfmon

privilege cmd level 8 mode exec command copy

privilege cmd level 3 mode exec command more

privilege cmd level 3 mode exec command ping

privilege cmd level 3 mode exec command who

privilege cmd level 3 mode exec command logging

privilege cmd level 3 mode exec command failover

privilege cmd level 3 mode exec command vpn-sessiondb

privilege show level 3 mode exec command running-config

privilege show level 3 mode exec command reload

privilege show level 3 mode exec command mode

privilege show level 3 mode exec command firewall

privilege show level 3 mode exec command interface

privilege show level 3 mode exec command clock

privilege show level 3 mode exec command dns-hosts

privilege show level 3 mode exec command access-list

privilege show level 3 mode exec command logging

privilege show level 3 mode exec command ip

privilege show level 3 mode exec command failover

privilege show level 3 mode exec command asdm

privilege show level 3 mode exec command arp

privilege show level 3 mode exec command route

privilege show level 3 mode exec command ospf

privilege show level 3 mode exec command aaa-server

privilege show level 3 mode exec command aaa

privilege show level 3 mode exec command crypto

privilege show level 3 mode exec command vpn-sessiondb

privilege show level 3 mode exec command ssh

privilege show level 3 mode exec command dhcpd

privilege show level 3 mode exec command vpn

privilege show level 3 mode exec command blocks

privilege show level 3 mode exec command uauth

privilege show level 3 mode configure command interface

privilege show level 3 mode configure command clock

privilege show level 3 mode configure command access-list

privilege show level 3 mode configure command logging

privilege show level 3 mode configure command ip

privilege show level 3 mode configure command failover

privilege show level 5 mode configure command asdm

privilege show level 3 mode configure command arp

privilege show level 7 mode configure command static

privilege show level 3 mode configure command route

privilege show level 3 mode configure command aaa-server

privilege show level 3 mode configure command aaa

privilege show level 3 mode configure command crypto

privilege show level 3 mode configure command ssh

privilege show level 3 mode configure command dhcpd

privilege show level 5 mode configure command privilege

privilege clear level 3 mode exec command dns-hosts

privilege clear level 3 mode exec command logging

privilege clear level 3 mode exec command arp

privilege clear level 3 mode exec command aaa-server

privilege clear level 3 mode exec command crypto


Add

aaa authentication http console LOCAL

Looking for some Networking Assistance? 
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Review Cisco Networking for a $25 gift card