Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA 5520 with GNS3

Task:- i want to configure the ASA 5520 having version 8.4(2) through ASDM. And also please share the explorer version with Java version to access the ASA through ASDM.


Below the Configuration of ASA


Task:- I want to access the ASA through ASDM. Please also share the information what is the requirment of the explorer version and also Java version.



here is problem that i cannot access the host or cloud from tha asa. Cloud attached with the cisco ASA 5520 haveing 8.4(2) version of managment interface with security level is 0.


Here below the configuration of ASA


ASA(config-if)# sh running-config

: Saved


ASA Version 8.4(2)


hostname ASA

enable password 8Ry2YjIyt7RRXU24 encrypted

passwd 2KFQnbNIdI.2KYOU encrypted



interface GigabitEthernet0

nameif managment

security-level 0

ip address


interface GigabitEthernet1


no nameif

no security-level

no ip address


interface GigabitEthernet2


no nameif

no security-level

no ip address


interface GigabitEthernet3


no nameif

no security-level

no ip address


interface GigabitEthernet4


no nameif

no security-level

no ip address


ftp mode passive

pager lines 24

mtu managment 1500

icmp unreachable rate-limit 1 burst-size 1

no asdm history enable

arp timeout 14400

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

timeout floating-conn 0:00:00

dynamic-access-policy-record DfltAccessPolicy

user-identity default-domain LOCAL

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart

telnet timeout 5

ssh timeout 5

console timeout 0

threat-detection basic-threat

threat-detection statistics access-list

no threat-detection statistics tcp-intercept



prompt hostname context

call-home reporting anonymous prompt 2


profile CiscoTAC-1

  no active

  destination address http

  destination address email

  destination transport-method http

  subscribe-to-alert-group diagnostic

  subscribe-to-alert-group environment

  subscribe-to-alert-group inventory periodic monthly

  subscribe-to-alert-group configuration periodic monthly

  subscribe-to-alert-group telemetry periodic daily

crashinfo save disable


: end



And the cloud ip is attached with the cisco ASA 5520 management interface having security level 0. According to above configuration i also cannot pinging the each other and also attached the topology with their interfaces.

Your discussion would be appreciated.


Thanks and Regards




hi,try adding these:int


try adding these:

int g0

security-level 100

http server enable

http inside


make sure you've got ASDM uploaded in ASA flash and access it via HTTPS.


If I remember correctly it is

If I remember correctly it is only telnet that has the restriction of not being able to connect to an interface that is configured with a security level of 0.

That being said, in addition to what John has mentioned.  Issue the command dir to see if there is an ASDM image installed on the ASA.  By default this image will not be present and you will need to copy it to the ASA.  That means you will need to have a TFTP, FTP, SCP (or similar) server running on your PC.  You might also need to allow for the traffic from the PC to the ASA on that interface since it is a security level 0...though of this I am not sure if it NEEDS to be done...and I don't have an ASA to test on right now.

copy tftp flash

Once the image is copied over you need to enter the following commands:

asdm image <imagename.bin>
http server enable
http management
aaa authentication http console LOCAL
username cisco password cisco  (or whichever username and password you choose)

Let us know how it goes


Please remember to select a correct answer and rate helpful posts


Please remember to rate and select a correct answer
CreatePlease to create content