Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASDM first-time install

We recently upgraded our PIX-525 from v6.3.5 to v8.0.4. All went well with the upgrade. We formerly used the PDM for management of the PIX. Now, I see that the ASDM is used.

My question is: How is the ASDM installed for the first time? I have tried searching artlicles, and all I can seem to find is how to upgrade, but not install initially.

I have already performed:

1. Download ASDM.bin image and TFTP to flash on PIX (copy tftp flash)

2. Entered "asdm image flash:/asdm.bin"

3. "http server enable"

4. "asdm history enable"

and then saved and reloaded.

However, I am still unable to access the ASDM. What am I missing? Any advice or links to articles on initial ASDM install would be appreciated.

5 REPLIES

Re: ASDM first-time install

I'm not sure by what you mean you can't access it, but you'll need to give yourself access.

http 192.168.1.1 inside

The address is whatever your host or network you want to allow to use ASDM, and "inside" is the interface you'll be coming in on.

HTH,

John

HTH, John *** Please rate all useful posts ***
Community Member

Re: ASDM first-time install

I have allowed access, but I simply get a "Cannot Connect" error from my browser. I have used nmap to scan the PIX's inside interface, and it does show port 443 open.

One thing I noticed is that no certificate info is shown in the PIX config. Do I need to install a new SSL certificate in order to be able to connect using HTTPS?

Also, I am using the URL https://192.168.1.1/asdm Is this correct?

Hall of Fame Super Gold

Re: ASDM first-time install

Ben

In my experience it is sufficient to just:

https://192.168.1.1

I do not believe that you need /asdm

If you just https to the device it should prompt you about ASDM and give you a choice about downloading the GUI.

[edit] while a new SSL certificate may be desirable it is certainly not required for ASDM to work. I have ASDM on several boxes with self signed certificates and they work.

HTH

Rick

Community Member

Re: ASDM first-time install

I'm still not getting anything. How do I create a new cert?

Also, when I TFTP the image, I just used "copy tftp flash." An associate of mine said that on older versions of the PIX, to install the PDM you had to tell it during the TFTP command, something like "copy tftp flash:pdm" Could the ASDM require the same type of command?

Re: ASDM first-time install

Well, first, you need to make sure that you have the correct asdm bin file for the version of IOS you're running. You can tell that when you go to download the file. Copying via tftp to flash is fine. You don't have to pass any other parameters.

To generate a key, you can do:

crypt key generate rsa general-keys mod 1024

HTH,

John

HTH, John *** Please rate all useful posts ***
1189
Views
0
Helpful
5
Replies
CreatePlease to create content