cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1874
Views
0
Helpful
5
Replies

ASDM first-time install

olhcc
Level 1
Level 1

We recently upgraded our PIX-525 from v6.3.5 to v8.0.4. All went well with the upgrade. We formerly used the PDM for management of the PIX. Now, I see that the ASDM is used.

My question is: How is the ASDM installed for the first time? I have tried searching artlicles, and all I can seem to find is how to upgrade, but not install initially.

I have already performed:

1. Download ASDM.bin image and TFTP to flash on PIX (copy tftp flash)

2. Entered "asdm image flash:/asdm.bin"

3. "http server enable"

4. "asdm history enable"

and then saved and reloaded.

However, I am still unable to access the ASDM. What am I missing? Any advice or links to articles on initial ASDM install would be appreciated.

5 Replies 5

John Blakley
VIP Alumni
VIP Alumni

I'm not sure by what you mean you can't access it, but you'll need to give yourself access.

http 192.168.1.1 inside

The address is whatever your host or network you want to allow to use ASDM, and "inside" is the interface you'll be coming in on.

HTH,

John

HTH, John *** Please rate all useful posts ***

I have allowed access, but I simply get a "Cannot Connect" error from my browser. I have used nmap to scan the PIX's inside interface, and it does show port 443 open.

One thing I noticed is that no certificate info is shown in the PIX config. Do I need to install a new SSL certificate in order to be able to connect using HTTPS?

Also, I am using the URL https://192.168.1.1/asdm Is this correct?

Ben

In my experience it is sufficient to just:

https://192.168.1.1

I do not believe that you need /asdm

If you just https to the device it should prompt you about ASDM and give you a choice about downloading the GUI.

[edit] while a new SSL certificate may be desirable it is certainly not required for ASDM to work. I have ASDM on several boxes with self signed certificates and they work.

HTH

Rick

HTH

Rick

I'm still not getting anything. How do I create a new cert?

Also, when I TFTP the image, I just used "copy tftp flash." An associate of mine said that on older versions of the PIX, to install the PDM you had to tell it during the TFTP command, something like "copy tftp flash:pdm" Could the ASDM require the same type of command?

Well, first, you need to make sure that you have the correct asdm bin file for the version of IOS you're running. You can tell that when you go to download the file. Copying via tftp to flash is fine. You don't have to pass any other parameters.

To generate a key, you can do:

crypt key generate rsa general-keys mod 1024

HTH,

John

HTH, John *** Please rate all useful posts ***
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: