Issues accessing ASDM on ASA platform

Unanswered Question
Mar 27th, 2008

Last night I upgraded our ASA 5510 platforms from 7.0 code to 7.2 code.

I also shipped the new ASDM image to Flash (5.2.3).

this morning I wanted to access the ASDM launcher,so I navigated to https://<address of ASA>. I attemtps to authenticate me to the box, but then I get "Page cannot be displayed".

I can perform a sho disk0 and see both the old ASDM image and the new ASDM image and was curious if this might be causing the problem.

Do I need to delete the old ASDM image?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
allanc_16 Thu, 03/27/2008 - 09:14

can you post the output of the following command?

show run http

Kevin Melton Fri, 03/28/2008 - 06:55

bhiasaip# sho asdm image

Device Manager image file, disk0:/asdm506.bin

bhiasaip# sh flash

-#- --length-- -----date/time------ path

6 5474304 Dec 31 2002 19:04:50 asa706-k8.bin

7 5823980 Jul 21 2007 03:11:10 asdm506.bin

10 8386560 Mar 26 2008 18:59:00 asa723-k8.bin

11 0 Mar 26 2008 17:30:20 crypto_archive

12 6287244 Mar 27 2008 01:54:48 asdm-523.bin

229367808 bytes available (26058752 bytes used)

bhiasaip# sho ver

Cisco Adaptive Security Appliance Software Version 7.2(3)

Detected an old ASDM version.

You will need to upgrade it before using ASDM.

Compiled on Wed 15-Aug-07 16:08 by builders

System image file is "disk0:/asa723-k8.bin"

Config file at boot was "startup-config"

bhiasaip up 1 day 7 hours

Hardware: ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz

Internal ATA Compact Flash, 256MB

BIOS Flash M50FW080 @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)

Boot microcode : CNlite-MC-Boot-Cisco-1.2

SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03

IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04

0: Ext: Ethernet0/0 : address is 001b.54ab.18f6, irq 9

1: Ext: Ethernet0/1 : address is 001b.54ab.18f7, irq 9

2: Ext: Ethernet0/2 : address is 001b.54ab.18f8, irq 9

3: Ext: Ethernet0/3 : address is 001b.54ab.18f9, irq 9

4: Ext: Management0/0 : address is 001b.54ab.18fa, irq 11

5: Int: Not used : irq 11

6: Int: Not used : irq 5

Licensed features for this platform:

Maximum Physical Interfaces : Unlimited

Maximum VLANs : 50

Inside Hosts : Unlimited

Failover : Disabled

VPN-DES : Enabled

VPN-3DES-AES : Enabled

Security Contexts : 0

GTP/GPRS : Disabled

VPN Peers : 250

WebVPN Peers : 2

This platform has a Base license.

Serial Number: JMX1129L12S

Running Activation Key: xxx

Configuration register is 0x1

Configuration has not been modified since last system restart.


Well those commands answered alot indeed. I noticed at the end of the sho ver that it indicated that "the platform has a bad license". Why would it indicate that?


Kevin Melton Fri, 03/28/2008 - 06:51

http server enable

http management

http inside

The inside address is the address of my workstation at the customer site...

francisco_1 Thu, 03/27/2008 - 09:39

have you tried booting asa with the new asdm?

asa(config)asdm image flash:filename.bin


francisco_1 Thu, 03/27/2008 - 09:41

your asdm can be in flash but if you dont tell the asa to use it, it wont until you instruct it to use it.

Kevin Melton Fri, 03/28/2008 - 06:58

that being said, is there any issues with going ahead and using the command you had previously recommended which was:

asdm image flash:asdm-523.bin

and then doing a "wr mem" so that during the next restart, it will reference the correct image?

Thanks again for your assistance.

Kevin Melton Fri, 03/28/2008 - 06:49

Have not tried to boot using the new ASDM image. I will have to schedule this to happen at some point, since it guards the customers DMZ and Production networks from the Outside.

Would the command be

asdm image disk0:asdm-523.bin vs. flash??

thanks for your input


This Discussion