ASDM will not start on 443

Todd Walker · ‎04-16-2009

If I change ASDM to 8443, it starts just fine. Yes, I've read about WebVPN conflicts with 8.0, but I've even tried changing that to 1443. I just upgraded from 7.2(2) to 8.0(4) - worked fine on the first firewall and only this ASDM problem with the second ASA5510 upgrade. How can I find what else may be taking port 443 ?

John Blakley · ‎04-17-2009

Do you have any static mappings that use the keyword "interface" that listen on 443? That *could* be causing a problem, but I've never seen it.

Look for something like:

static (inside,outside) tcp interface 443 192.168.1.1 netmask 255.255.255.255

If you have that, you're telling the ASA to redirect everything that comes into 443 to an inside host at 192.168.1.1. While that shouldn't give you the error that you're seeing, it could be a problem.

HTH,

John

HTH, John *** Please rate all useful posts ***

Todd Walker · ‎04-17-2009

So far, you've nailed it! I didn't think of this static as a possibility since ASDM on 443 was working in 7.2(2). Will test further...thanks!

Todd Walker · ‎04-18-2009

My guess is that 7.2(2) worked because it doesn't do any checking/verification and because I hit ASDM only from the Inside interface where the static didn't affect it.