Web access to ASA 5505

martinbuffleo
Level 1

I am configuring a Cisco ASA 5505. I still have access to the firewall through my pre-installed ASDM, but if I try to web browse I get "page cannot be displayed" and the following entry on my firewall:

6 | Sep 06 2010 | 13:57:52 | 10.0.1.77 | 53048 | 10.0.1.90 | 443 | Teardown TCP connection 498 for outsideDynamic:10.0.1.77/53048 to identity:10.0.1.90/443 duration 0:00:00 bytes 7 TCP Reset-I

I have configured the firewall to allow management from this IP address.

HELP PLEASE

11 Replies

Jennifer Halim
Cisco Employee

Is 10.0.1.77 the host where you are trying to connect from, and 10.0.1.90 the ASA interface?

Can you share the following configuration:

sh run interface

sh run http

outsideDynamic is the interface that I am trying to connect through.

sh run int

!
interface Vlan1
nameif outside
security-level 0
ip address 172.16.61.230 255.255.255.0
ospf cost 10
ospf network point-to-point non-broadcast
ospf authentication null
!
interface Vlan2
description Inside currently configured for 192.168.3.129  was 129
nameif inside
security-level 100
ip address xxx.xx.xx.xx 255.255.255.0
!
interface Vlan3
description Interface for dynamic connections
no forward interface Vlan1
nameif outsideDynamic
security-level 0
dhcp client route distance 2
ip address dhcp setroute
!
interface Ethernet0/0
shutdown
!
interface Ethernet0/1
switchport access vlan 3
!
interface Ethernet0/2
switchport access vlan 2
!
interface Ethernet0/3
switchport access vlan 2
shutdown
!
interface Ethernet0/4
switchport access vlan 2
!
interface Ethernet0/5
switchport access vlan 2
shutdown
!
interface Ethernet0/6
switchport access vlan 2
!
interface Ethernet0/7
switchport access vlan 2

sh run http


http server enable
http 10.0.1.80 255.255.255.255 outside
http 10.0.1.0 255.255.255.0 outsideDynamic
http 0.0.0.0 0.0.0.0 outsideDynamic
http 172.16.30.0 255.255.255.0 outside
http SH_Data 255.255.255.0 inside
http 62.xxx.222.0 255.255.255.240 outsideDynamic
http 172.16.30.0 255.255.255.0 outsideDynamic
http SH_Svr_RODC 255.255.255.255 inside
http 0.0.0.0 0.0.0.0 inside
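An added example, not part of this thread, that checks offline whether a given client address arriving on a given interface is matched by the `http` lines above, using only Python's standard `ipaddress` module. The sample config is the posted `sh run http` output verbatim; the entries that use object names (SH_Data, SH_Svr_RODC) and the masked 62.xxx.222.0 line cannot be resolved from the page, so the script reports them as unresolved rather than guessing. It also flags the `0.0.0.0 0.0.0.0` entries: on outsideDynamic that line permits ASDM/HTTPS management sessions from any source address that can reach the interface, which is worth tightening once the connectivity problem is solved.

```python
import ipaddress
import re

# Constructed sample: the "sh run http" output posted in the thread, verbatim.
SAMPLE_HTTP_CONFIG = """\
http server enable
http 10.0.1.80 255.255.255.255 outside
http 10.0.1.0 255.255.255.0 outsideDynamic
http 0.0.0.0 0.0.0.0 outsideDynamic
http 172.16.30.0 255.255.255.0 outside
http SH_Data 255.255.255.0 inside
http 62.xxx.222.0 255.255.255.240 outsideDynamic
http 172.16.30.0 255.255.255.0 outsideDynamic
http SH_Svr_RODC 255.255.255.255 inside
http 0.0.0.0 0.0.0.0 inside
"""

# Matches "http <address> <netmask> <interface>"; "http server enable" has a
# different token count and is skipped.
HTTP_RULE = re.compile(r"^http\s+(\S+)\s+(\S+)\s+(\S+)$")


def parse_http_rules(config_text):
    """Return (rules, unresolved).

    rules: list of (IPv4Network, interface_name) for entries whose address/mask
           pair parses as an IPv4 network.
    unresolved: raw (address, mask, interface) tuples for entries that use an
           object name or a placeholder address; this offline check cannot
           resolve them, so the caller must treat its answer as partial.
    """
    rules, unresolved = [], []
    for line in config_text.splitlines():
        m = HTTP_RULE.match(line.strip())
        if not m:
            continue
        addr, mask, ifc = m.groups()
        try:
            # ipaddress accepts dotted netmasks, e.g. "10.0.1.0/255.255.255.0".
            net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
        except ValueError:
            unresolved.append((addr, mask, ifc))
            continue
        rules.append((net, ifc))
    return rules, unresolved


def http_allowed(rules, src_ip, ifc):
    """Return the rules that permit HTTPS/ASDM management from src_ip arriving
    on interface ifc; an empty list means the ASA would refuse the session."""
    ip = ipaddress.ip_address(src_ip)
    return [(net, i) for net, i in rules if i == ifc and ip in net]


def overly_broad(rules):
    """Return rules that permit management from any address (0.0.0.0 0.0.0.0).
    On an interface facing an untrusted network this exposes the management
    plane to anyone who can reach that interface."""
    return [(net, i) for net, i in rules if net.prefixlen == 0]


if __name__ == "__main__":
    rules, unresolved = parse_http_rules(SAMPLE_HTTP_CONFIG)
    # The client address and interface from the syslog line in the question.
    for net, ifc in http_allowed(rules, "10.0.1.77", "outsideDynamic"):
        print(f"10.0.1.77 on outsideDynamic is allowed by: http {net} {ifc}")
    for net, ifc in overly_broad(rules):
        print(f"WARNING: management open to any source on interface {ifc}")
    for addr, mask, ifc in unresolved:
        print(f"unresolved entry (object name or placeholder): http {addr} {mask} {ifc}")
```

For the client in the question, 10.0.1.77 on outsideDynamic is matched twice (by the 10.0.1.0/24 line and by the any-source line), so the `http` access list is not what is refusing the browser session; the check only covers the `http` command, not WebVPN or crypto-map settings on the same interface.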

Hello,

Can you please post the output of following command:

packet-tracer input outsideDynamic tcp 10.0.1.77 1024 10.0.1.90 443 detailed

Make sure that 10.0.1.90 is the IP assigned to the interface.

Regards,

NT

packet-tracer input outsideDynamic tcp 10.0.1.77 1024 10.0.1.90 443$

Phase: 1
Type: CP-PUNT
Subtype: l2-selective
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in  id=0xd7e38290, priority=12, domain=punt, deny=false
        hits=16648, user_data=0xd86906f0, cs_id=0x0, l3_type=0x8
        src mac=0000.0000.0000, mask=0000.0000.0000
        dst mac=0000.0000.0000, mask=0000.0000.0000

Phase: 2
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
Forward Flow based lookup yields rule:
in  id=0xd820e518, priority=1, domain=permit, deny=false
        hits=33255, user_data=0x0, cs_id=0x0, l3_type=0x8
        src mac=0000.0000.0000, mask=0000.0000.0000
        dst mac=0000.0000.0000, mask=0000.0000.0000

Phase: 3
Type: FLOW-LOOKUP
Subtype:
Result: ALLOW
Config:
Additional Information:
Found no matching flow, creating a new flow

Phase: 4
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in   10.0.1.90       255.255.255.255 identity

Phase: 5
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
Forward Flow based lookup yields rule:
in  id=0xd81dfa18, priority=121, domain=permit, deny=false
        hits=990, user_data=0x0, cs_id=0x0, flags=0x0, protocol=6
        src ip=10.0.1.0, mask=255.255.255.0, port=0
        dst ip=0.0.0.0, mask=0.0.0.0, port=443, dscp=0x0

Phase: 6
Type: MGMT-TCP-INTERCEPT
Subtype:
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in  id=0xd8210750, priority=0, domain=mgmt-tcp-intercept, deny=false
        hits=1355, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=6
        src ip=0.0.0.0, mask=0.0.0.0, port=0
        dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0

Phase: 7
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in  id=0xd8210d28, priority=0, domain=permit-ip-option, deny=true
        hits=735, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0
        src ip=0.0.0.0, mask=0.0.0.0, port=0
        dst ip=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0

Phase: 8
Type: ROUTE-LOOKUP
Subtype: output and adjacency
Result: ALLOW
Config:
Additional Information:
found next-hop 10.0.1.77 using egress ifc outsideDynamic
adjacency Active
next-hop mac address 0021.70a9.3b22 hits 0

Result:
input-interface: outsideDynamic
input-status: up
input-line-status: up
output-interface: NP Identity Ifc
output-status: up
output-line-status: up
Action: allow
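An added example, not part of this thread, that reduces packet-tracer output like the above to a short triage summary: the result of each phase, the first phase that does not ALLOW (with the Drop-reason line from the final block, when present), the final Action, and whether the packet was destined to the ASA itself (output-interface "NP Identity Ifc"), which is the case for a management connection. The ALLOW sample is an excerpt of the trace posted above; the DROP sample is constructed for illustration and its values are not from the thread.

```python
import re

# Excerpt of the packet-tracer output posted in the thread (phases 1 and 8
# plus the final Result block), enough to exercise the parser.
SAMPLE_ALLOW = """\
Phase: 1
Type: CP-PUNT
Subtype: l2-selective
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in  id=0xd7e38290, priority=12, domain=punt, deny=false

Phase: 8
Type: ROUTE-LOOKUP
Subtype: output and adjacency
Result: ALLOW
Config:
Additional Information:
found next-hop 10.0.1.77 using egress ifc outsideDynamic

Result:
input-interface: outsideDynamic
output-interface: NP Identity Ifc
Action: allow
"""

# Constructed sample of a trace that fails at the interface ACL; the layout
# follows the ASA's format but the values are illustrative only.
SAMPLE_DROP = """\
Phase: 1
Type: ACCESS-LIST
Subtype:
Result: DROP
Config:
Implicit Rule
Additional Information:

Result:
input-interface: outsideDynamic
output-interface: NP Identity Ifc
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
"""


def _fields(lines):
    """Turn 'Key: value' lines into a dict. The first occurrence of a key wins,
    so a phase's own 'Result: ALLOW' is not overwritten by rule detail lines;
    lines without a colon (rule ids, hit counts) are ignored."""
    out = {}
    for line in lines:
        key, sep, value = line.partition(":")
        if sep and key.strip() not in out:
            out[key.strip()] = value.strip()
    return out


def parse_packet_tracer(text):
    """Return (phases, final): phases is a list of dicts with
    phase/type/subtype/result, final is the trailing Result block as a dict."""
    phases, final = [], {}
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = [l.strip() for l in block.splitlines() if l.strip()]
        if not lines:
            continue
        if lines[0].startswith("Phase:"):
            f = _fields(lines)
            phases.append({
                "phase": int(f["Phase"]),
                "type": f.get("Type", ""),
                "subtype": f.get("Subtype", ""),
                "result": f.get("Result", ""),
            })
        elif lines[0] == "Result:":
            final = _fields(lines[1:])
    return phases, final


def triage(text):
    """Summarise a trace: final action, first non-ALLOW phase, drop reason,
    and whether the packet was to-the-box (identity interface)."""
    phases, final = parse_packet_tracer(text)
    first_drop = next((p for p in phases if p["result"].upper() != "ALLOW"), None)
    return {
        "action": final.get("Action", "").lower(),
        "first_drop": (first_drop["phase"], first_drop["type"]) if first_drop else None,
        "drop_reason": final.get("Drop-reason"),
        "to_the_box": final.get("output-interface") == "NP Identity Ifc",
        "phases": [(p["phase"], p["type"], p["result"]) for p in phases],
    }


if __name__ == "__main__":
    for name, sample in (("allow", SAMPLE_ALLOW), ("drop", SAMPLE_DROP)):
        print(name, triage(sample))
```

When the summary says "allow" with no dropping phase and to_the_box is true, as it does for the trace above, the data-plane checks that packet-tracer simulates are not the cause, and the next place to look is what else is bound to that interface (WebVPN, the crypto map) and what the ASA logs when the real browser session arrives.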

Hello,

It seems like the firewall is allowing port 443 traffic. Have you configured anything else on that interface (like WebVPN)? How are you trying to access ASDM? Through the ASDM application or through IE/Firefox?

Regards,

NT

I can access the ASDM but not https://10.0.1.90

The only other thing configured on the interface is inbound site-to-site IPsec.

I can even HTTPS and ASDM across my site-to-site VPN to the "inside" interface.

Hello,

Can you please post your entire running configuration here?

Regards,

NT

Hello,

So, if I understand you correctly, you are able to access ASDM through the 10.0.1.77 workstation, but you are not able to access https://10.0.1.90 via the same device. Are you running ASDM on a different port (other than 443)? Also, what browser are you using?

Regards,

NT

You are correct

IE 8

And it did work until I loaded my config onto it.

I have not moved the port number, as far as I am aware.

Hello,

Can you please post your entire running configuration here? I suspect that when you loaded your entire configuration, you might have accidentally included all traffic from that interface to be encrypted.

Regards,

NT
