09-21-2015 04:15 PM - edited 03-11-2019 11:37 PM
Hi...
I am new to cisco firewall.. my office decided to buy a cisco asa 5515.
I'm configuring it via asdm software. I have followed many tutorials on the internet,
but I still can't access my server behind the asa.
I attached the show run config from the asa..
I don't have the serial USB cable, so i'm only configuring it from the asdm
Please help me..
09-21-2015 09:47 PM
Hi NandaPS85
What is the IP of the server and behind which interface is located ? Also from which IP are you coming from ?
-Randy-
09-21-2015 10:46 PM
I'm sorry.. finally i can configure the asa..
I've followed this tutorial
https://www.packet6.com/configuring-nat-for-a-public-server-using-same-outside-interface/
and
Thank you for replying..
Best Regards
09-21-2015 11:21 PM
Hi,
If you want to access cli without using serial console, you can enable ssh or telnet on the interface to which you have reachability from your workstation.
Thanks,
R.Seth
09-22-2015 07:11 PM
Hi, thanks for replying..
Can i access it from public??
I have enabled it, I still can't access it from public.
Anyway, i bought USB to Serial cable and finally i understand how asdm works..
a little bit confusing at first
Thanks ..
NandaPS
09-23-2015 01:36 AM
Hi Nanda,
You can use ssh on the public interface.
Following are the steps:
>> Check if you have 3des license enabled on ASA.
++ use show version
++ In case 3des encryption is disabled, you can install free license from cisco site.
Refer: https://supportforums.cisco.com/document/67701/asa-versions-image-names-and-licensing#Free_3DESAES_license
>>Check if the you have crypto keys on ASA.
sh crypto key mypubkey rsa
In case you do not have keys, then generate the key:
crypto key generate rsa modulus 2048 noconfirm
>> Create a username and password to use:
username test password test123 privilege 15
>> Enable aaa authentication on asa for ssh session:
aaa authentication ssh console LOCAL
>> Enable ssh on the outside interface and mention the allowed IP.
ssh <Ip address> <mask> <interfacename>
Hope it helps!!!
Thanks,
R.Seth
09-23-2015 02:15 AM
wuow... thanks ...
I have'nt try it.. it has to be done on site..
but i've done configuring the asa for serving the web server.
I wonder what else to be done to secure the web server.
Many thanks..
NandaPS
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide