Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
275
Views
0
Helpful
6
Replies

Please help me..

NandaPS85
Level 1
Level 1

‎09-21-2015 04:15 PM - edited ‎03-11-2019 11:37 PM

Hi...

I am new to cisco firewall.. my office decided to buy a cisco asa 5515.

I'm configuring it via asdm software. I have followed many tutorials on the internet,

but I still can't access my server behind the asa.

I attached the show run config from the asa..

I don't have the serial USB cable, so i'm only configuring it from the asdm

 

Please help me..

 

Labels:
Preview file
6 KB
0 Helpful
6 Replies 6

rvarelac
Level 7
Level 7

‎09-21-2015 09:47 PM

Hi NandaPS85 

 

What is the IP of the server and behind which interface is located ? Also from which IP are you coming from ?

 

-Randy-

0 Helpful

Rishabh Seth
Level 7
Level 7

‎09-21-2015 11:21 PM

Hi,

If you want to access cli without using serial console, you can enable ssh or telnet on the interface to which you have reachability from your workstation.

Thanks,

R.Seth

0 Helpful

NandaPS85
Level 1
Level 1
In response to Rishabh Seth

‎09-22-2015 07:11 PM

Hi, thanks for replying..

Can i access it from public??

I have enabled it, I still can't access it from public.

Anyway, i bought USB to Serial cable and finally i understand how asdm works..

a little bit confusing at first

Thanks ..

NandaPS

0 Helpful

Rishabh Seth
Level 7
Level 7
In response to NandaPS85

‎09-23-2015 01:36 AM

Hi Nanda,

 

You can use ssh on the public interface.

Following are the steps:

>> Check if you have 3des license enabled on ASA.

++ use show version

++ In case 3des encryption is disabled, you can install free license from cisco site.

Refer: https://supportforums.cisco.com/document/67701/asa-versions-image-names-and-licensing#Free_3DESAES_license

>>Check if the you have crypto keys on ASA.

      sh crypto key mypubkey rsa

In case you do not have keys, then generate the key:

      crypto key generate rsa modulus 2048 noconfirm

>> Create a username and password to use:

      username test password test123 privilege 15

>> Enable aaa authentication on asa for ssh session:

      aaa authentication ssh console LOCAL

>> Enable ssh on the outside interface and mention the allowed IP.

     ssh <Ip address> <mask> <interfacename>

 

 

 

Hope it helps!!!

Thanks,

R.Seth

 

 

 

0 Helpful

NandaPS85
Level 1
Level 1
In response to Rishabh Seth

‎09-23-2015 02:15 AM

wuow... thanks ...

I have'nt try it.. it has to be done on site..

but i've done configuring the asa for serving the web server.

I wonder what else to be done to secure the web server.

 

Many thanks..

NandaPS

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card