03-04-2011 04:36 PM - edited 03-06-2019 03:54 PM
I cant talk to the ASDM, I get the CLI of course and I get no Internet.
My network goes
Router 2600 with x number of outside ips
then it goes to ASA 5510
then to HP Pro curve switch that connects to all the 192.168.1.XXX server 192.168.2.XXX (issuesd by dhcp from server)
Can anyone look at my CLI see what is wrong?
ASA Version 8.3(1)
!
hostname wsigateway
domain-name wsystems.com
enable password yVSkMxWRc/S396FB encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Ethernet0/0
nameif outside
security-level 0
ip address 64.XXX.XXX.XXX 255.XXX.XXX.XXX!
interface Ethernet0/1
nameif inside
security-level 100
ip address 192.XXX.XXX.XXX 255.XXX.XXX.XXX!
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
ip address 172.XXX.XXX.XXX 255.XXX.XXX.XXX
management-only
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns server-group DefaultDNS
domain-name wsystems.com
object network email_server_static
host 192.XXX.XXX.XXX
object network wsiftp_static
host 192.XXX.XXX.XXX
object network terminal1_static
host 192.XXX.XXX.XXX
object network ram_static
host 192.XXX.XXX.XXX
access-list 100 extended permit tcp any host 64.XXX.XXX.XXX eq smtp
access-list 100 extended permit tcp any host 64.XXX.XXX.XXX eq ftp
access-list 100 extended permit tcp any host 64.XXX.XXX.XXX eq 3389
access-list 100 extended permit tcp any host 64.XXX.XXX.XXX eq 162
access-list 100 extended permit tcp any host 64.XXX.XXX.XXX eq https
access-list 100 extended deny ip any any log
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu management 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat (management,outside) source dynamic any interface
!
object network email_server_static
nat (inside,outside) static 64.XXX.XXX.XXX
object network wsiftp_static
nat (inside,outside) static 64.XXX.XXX.XXX
object network terminal1_static
nat (inside,outside) static 64.XXX.XXX.XXX
object network ram_static
nat (inside,outside) static 64.132.162.70
route outside 0.0.0.0 0.0.0.0 64.XXX.XXX.XXX
route inside 192.XXX.XXX.XXX 255.XXX.XXX.XXX 192.XXX.XXX.XXX
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.XXX.XXX.XXX.XXX.XXX.XXX management
http 172.XXX.XXX.XXX 255.XXX.XXX.XXX management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
anyconnect-essentials
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
Solved! Go to Solution.
03-04-2011 06:06 PM
Hi Donney,
You're missing the "asdm image
http://www.cisco.com/en/US/partner/docs/security/asa/asa83/command/reference/a2.html#wp1716977
Best regards,
-jb
03-04-2011 06:06 PM
Hi Donney,
You're missing the "asdm image
http://www.cisco.com/en/US/partner/docs/security/asa/asa83/command/reference/a2.html#wp1716977
Best regards,
-jb
03-04-2011 06:14 PM
This what I get at the links
The file or application you are trying to access may require additional entitlement or you are trying to access a file with an invalid name. Additional entitlement levels are granted based on a users relationship with Cisco on a per-application basis.
If you feel you have reached this page in error, please try one of the following methods to locate your document:
If you would like to contact someone about this problem, please click on the Contacts & Feedback link below.
03-06-2011 11:07 AM
I got it thank you
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: