cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1179
Views
0
Helpful
8
Replies

ASDM not working on ASA

wasiimcisco
Level 1
Level 1

I have ASA 5550 VPN Premium license. But i am having strange problem with it. I am not able to do the ASDM from outside interface. I have no access-list no specific policy, from outside interface I am only able to do the SSH, even telent is not working.

There is no connectivity issue, Please help me out how to solve this problem.

8 Replies 8

alibowluk
Level 1
Level 1

i dont think this will fix your problem but you also seem to be missing the following config line:

aaa authentication http console LOCAL

vabruno
Level 1
Level 1

the recent posted should have resolved your issue. Also make sure that you do a show disk0: and make sure that version 523.bin is actually in your flash as this is the version you are booting with

asdm image disk0:/asdm-523.bin

thanks for the reply, i tried all the things but still getting same error of timeout, not able to access the ASDM

FW1(config)# sh run | in aaa

aaa authentication ssh console LOCAL

aaa authentication telnet console LOCAL

aaa authentication http console LOCAL

FW1(config)# sh dis

FW1(config)# sh disk0:

-#- --length-- -----date/time------ path

6 8386560 Jan 01 2003 00:07:58 asa723-k8.bin

7 1868412 Jan 01 2003 00:08:36 securedesktop-asa-3.1.1.29-k9.pkg

8 398305 Jan 01 2003 00:09:06 sslclient-win-1.1.0.154.pkg

9 0 Oct 10 2007 20:02:48 crypto_archive

10 6287244 Oct 10 2007 20:05:30 asdm-523.bin

238403584 bytes available (17022976 bytes used)

FW1(config)# sh run | in http

failover replication http

aaa authentication http console LOCAL

http server enable

http 0.0.0.0 255.255.255.255 EDNUplink

http 172.28.10.0 255.255.255.0 management

FW1(config)#

Try telnetting to port 443 from outside to see if you are able to connect to the port. If you cannot, I would check the logs to see if you are getting blocked. The ASDM image may also be corrupted. I would suggest deleting the asdm-523.bin from flash and re-downloading and copying over the image to the ASA.

Try the line:

http 0.0.0.0 0.0.0.0 EDNUplink

Also, I think that telnet is only allowed on the outside interface if it comes through a vpn tunnel. It requires encryption to be used on the outside interface and should show up in the logs as such with debugging logging on.

Hi,

I have the same issue running 8.0(3) on an ASA5520, oddly enough, it works following a device reload, for a limited amount of time, and I also have oher ASAs with the exact same OS/management configuration, which I can access via ASDM fine.

Based upon this I am thinking it must be a hardware fault, or intermittent OS fault. I will let you know what I am able to find out. Please advise also, if you find a fix.

hi,

I too have the same problem, in the debugg appear:

HTTP: processing GET URL '/' from host 192.168.50.1

HTTP: redirecting to: /admin/public/index.html

HTTP: processing GET URL '/admin/public/index.html' from host 192.168.50.1

HTTP: authentication not required

HTTP: file not found: public/index.html}

Luis, what debug did you run, if I run a debug http, I dont get any output relating to this connection attempt...?

Also, FYI, I have downgraded back to ver8.0(2) as I never noticed this problem when using that code, I am currently running 8.0(3), but now I ge the problem running 8.0(2) also.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: