ASA-5540 config question 'asdm location'

jkeeffe · ‎12-18-2007

When ever I create a network object in ASDM 6.0(3) the UI also wants to send the command 'asdm location (network object IP address)' to the device.

What is the purpose of 'asdm locaction ....'? Is it telling the ASA-5540 that the IP address is allowed to connect to the device using ASDM?

If that is the case why does 'asdm location xxx.xxx.xxx.xxx'get denerated for every network object I create?

JORGE RODRIGUEZ · ‎12-18-2007

Jim, PIX/ASA uses this entry to associate that host to and interface as well as with object groups entries for that matter. In other words it builds a topology within the firewall itself based on this information entries to associate it with an interface but by no means these entries would have anything to do with administration access rights to the firewall, for that you need to configure management access and instruct firewall with IP addresses that can access firewall by https, ssh, or telnet access for managing the firewall.

Rgds

Jorge

Jorge Rodriguez

jowegrzy · ‎07-05-2012

According to Cisco press book , "End-to-End Network Security Defense-in-Depth?(ISBN 978-1-58705-332-0)" by Omar Santor, the "asdm location" command is related to administrative access.

http://tinyurl.com/bpwabhk

jowegrzy · ‎07-05-2012

According to Cisco press book , "End-to-End Network Security Defense-in-Depth?(ISBN 978-1-58705-332-0)" by Omar Santor, the "asdm location" command is related to administrative access.

http://tinyurl.com/bpwabhk