Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2895
Views
0
Helpful
6
Replies

ASDM and the management interface on a 5510

frank.mcdaid
Level 1
Level 1

‎08-16-2010 10:22 PM - edited ‎03-11-2019 11:26 AM

Hi,

I'm trying to set up a pair of ASA 5510's in active/standby mode, and I've hit a bit of a problem. I've completed the following steps:

1. Out of the box, i've used the configure factory-default <ip-address> <subnet mask> to set an IP address on the management interface. I've plugged my laptop directly into the management port using a cross-over cable, and I can connect to the ASA using ASDM.

2. I then configured active/standby failover, and this appears to be working fine.

3. I then added a configuration via the CLI. This config is from a pair of PiX 515's that are being replaced. The config was generated using the PiX to ASA configuration converter available on cisco.com.

4. After adding this config, I can still access the ASA via ASDM, and everything appears to be fine. I saved the config to flash and powered down both ASA's.

5. Today, i've installed the ASA's on site. When I connect my laptop to the management interace using a cross-over cable, I can no longer connect using ASDM. when I try and use a web page with the address https://<ip-address>, I get the warning about using unsigned certificates, which I accept. I then get prompted for a username and password, which I have entered correctly. I then get a HTTP 404 - website not found message.

At first i thought it might be an access rule on the management interface, so I created a permit ip any any rule (for testing purposes) and applied it to the management interface, but this made no difference.

Can anyone point me in the right direction to fix this?

Thanks,

Frank

Labels:
0 Helpful
6 Replies 6

Jennifer Halim
Cisco Employee
Cisco Employee

‎08-16-2010 10:24 PM

Can you please share the following output to see what the problem might be:

sh run http

sh run aaa

And also what username do you use to log in via ASDM?

0 Helpful

frank.mcdaid
Level 1
Level 1
In response to Jennifer Halim

‎08-16-2010 10:40 PM

ASA# sh run http

http server enable

http 10.12.1.0 255.255.255.0 management

http 10.64.31.64 255.255.255.224 management

ASA# sh run aaa

ASA#

10.12.1.0/24 contains the device management IP addresses at this site. 10.64.31.64/27 contains PC used to manage this ASA.

Username is blank and password is enable password.

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to frank.mcdaid

‎08-16-2010 10:45 PM

Please configure local username with the following command:

username password

and you should be able to log in using that username.

By default, the ASDM will use local database username/password.

0 Helpful

frank.mcdaid
Level 1
Level 1
In response to Jennifer Halim

‎08-17-2010 05:27 PM

I've added this to the config and it has not fixed the problem.

Anyone else have any idea's?

0 Helpful

mirober2
Cisco Employee
Cisco Employee
In response to frank.mcdaid

‎08-18-2010 08:14 AM

Hi Frank,

What version of ASA and ASDM software are you running?

Try enabling 'debug http' from the command line and then connecting to ASDM again. Does the output give any indication about what's happening? What page is the client trying to request that the ASA is responding with a 404 for?

-Mike

0 Helpful

Allen P Chen
Level 5
Level 5
In response to frank.mcdaid

‎08-18-2010 04:42 PM

Hello,

Can you please provide the "show version" output from the ASA?  This will provide the current software installed as well as the ASDM version.  Perhaps there is a conflict with the software version on the ASA and the ASDM version.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card