ASDM not working on ASA

wasiimcisco · ‎05-14-2008

I have ASA 5550 VPN Premium license. But i am having strange problem with it. I am not able to do the ASDM from outside interface. I have no access-list no specific policy, from outside interface I am only able to do the SSH, even telent is not working.

There is no connectivity issue, Please help me out how to solve this problem.

alibowluk · ‎05-14-2008

i dont think this will fix your problem but you also seem to be missing the following config line:

aaa authentication http console LOCAL

vabruno · ‎05-14-2008

the recent posted should have resolved your issue. Also make sure that you do a show disk0: and make sure that version 523.bin is actually in your flash as this is the version you are booting with

asdm image disk0:/asdm-523.bin

wasiimcisco · ‎05-14-2008

thanks for the reply, i tried all the things but still getting same error of timeout, not able to access the ASDM

FW1(config)# sh run | in aaa

aaa authentication ssh console LOCAL

aaa authentication telnet console LOCAL

aaa authentication http console LOCAL

FW1(config)# sh dis

FW1(config)# sh disk0:

-#- --length-- -----date/time------ path

6 8386560 Jan 01 2003 00:07:58 asa723-k8.bin

7 1868412 Jan 01 2003 00:08:36 securedesktop-asa-3.1.1.29-k9.pkg

8 398305 Jan 01 2003 00:09:06 sslclient-win-1.1.0.154.pkg

9 0 Oct 10 2007 20:02:48 crypto_archive

10 6287244 Oct 10 2007 20:05:30 asdm-523.bin

238403584 bytes available (17022976 bytes used)

FW1(config)# sh run | in http

failover replication http

aaa authentication http console LOCAL

http server enable

http 0.0.0.0 255.255.255.255 EDNUplink

http 172.28.10.0 255.255.255.0 management

FW1(config)#

edunn · ‎05-14-2008

Try telnetting to port 443 from outside to see if you are able to connect to the port. If you cannot, I would check the logs to see if you are getting blocked. The ASDM image may also be corrupted. I would suggest deleting the asdm-523.bin from flash and re-downloading and copying over the image to the ASA.

kevin.corace · ‎05-14-2008

Try the line:

http 0.0.0.0 0.0.0.0 EDNUplink

Also, I think that telnet is only allowed on the outside interface if it comes through a vpn tunnel. It requires encryption to be used on the outside interface and should show up in the logs as such with debugging logging on.

8c-stone · ‎05-20-2008

Hi,

I have the same issue running 8.0(3) on an ASA5520, oddly enough, it works following a device reload, for a limited amount of time, and I also have oher ASAs with the exact same OS/management configuration, which I can access via ASDM fine.

Based upon this I am thinking it must be a hardware fault, or intermittent OS fault. I will let you know what I am able to find out. Please advise also, if you find a fix.

luis.gerena · ‎05-20-2008

hi,

I too have the same problem, in the debugg appear:

HTTP: processing GET URL '/' from host 192.168.50.1

HTTP: redirecting to: /admin/public/index.html

HTTP: processing GET URL '/admin/public/index.html' from host 192.168.50.1

HTTP: authentication not required

HTTP: file not found: public/index.html}

8c-stone · ‎05-21-2008

Luis, what debug did you run, if I run a debug http, I dont get any output relating to this connection attempt...?

Also, FYI, I have downgraded back to ver8.0(2) as I never noticed this problem when using that code, I am currently running 8.0(3), but now I ge the problem running 8.0(2) also.