ASDM will not start on 443

Unanswered Question
Apr 16th, 2009
User Badges:

If I change ASDM to 8443, it starts just fine. Yes, I've read about WebVPN conflicts with 8.0, but I've even tried changing that to 1443. I just upgraded from 7.2(2) to 8.0(4) - worked fine on the first firewall and only this ASDM problem with the second ASA5510 upgrade. How can I find what else may be taking port 443 ?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
John Blakley Fri, 04/17/2009 - 06:09
User Badges:
  • Purple, 4500 points or more

Do you have any static mappings that use the keyword "interface" that listen on 443? That *could* be causing a problem, but I've never seen it.


Look for something like:


static (inside,outside) tcp interface 443 192.168.1.1 netmask 255.255.255.255


If you have that, you're telling the ASA to redirect everything that comes into 443 to an inside host at 192.168.1.1. While that shouldn't give you the error that you're seeing, it could be a problem.


HTH,

John

Todd Walker Fri, 04/17/2009 - 06:37
User Badges:

So far, you've nailed it! I didn't think of this static as a possibility since ASDM on 443 was working in 7.2(2). Will test further...thanks!

Todd Walker Sat, 04/18/2009 - 11:35
User Badges:

My guess is that 7.2(2) worked because it doesn't do any checking/verification and because I hit ASDM only from the Inside interface where the static didn't affect it.

Actions

This Discussion