Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
372
Views
0
Helpful
4
Replies

ASDM Interface

Go to solution
Matt Wilson
Level 1
Level 1

‎10-16-2014 09:46 PM - edited ‎03-11-2019 09:57 PM

My setup is :PIX 515E, IOS 8.0(4)28, ASDM 6.1(5)57, Firewall mode routed, 6 interfaces, 128Mb.

My question is, can ASDM be accessed through any interface on the PIX besides ethernet1? I'd prefer to run ASDM through ethernet5 but it refuses to run. I have tried deconfiguring eth1 and copying its config to eth5 to no avail. The basic setup on eth1 that works is:

interface Ethernet1
 nameif Management
 security-level 100
 ip address 100.100.100.18 255.255.255.0

 

This doesn't work on eth5.

 

Matt.

 

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Vibhor Amrodia
Cisco Employee
Cisco Employee

‎10-17-2014 03:27 AM

Hi,

Would you be able to reply with these outputs from the PIX:-

1) show asp table socket

2) show run interface eth5

Also , is the IP from which you are trying to access the ASDM in the same Network as the range configured on the Interface ?

Thanks and Regards,

Vibhor Amrodia

View solution in original post

0 Helpful

Go to solution
Vibhor Amrodia
Cisco Employee
Cisco Employee
In response to Matt Wilson

‎10-21-2014 03:03 AM

Hi,

So , were you able to resolve this issue ?

Thanks and Regards,

Vibhor Amrodia

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Vibhor Amrodia
Cisco Employee
Cisco Employee

‎10-17-2014 03:27 AM

Hi,

Would you be able to reply with these outputs from the PIX:-

1) show asp table socket

2) show run interface eth5

Also , is the IP from which you are trying to access the ASDM in the same Network as the range configured on the Interface ?

Thanks and Regards,

Vibhor Amrodia

0 Helpful

Go to solution
Matt Wilson
Level 1
Level 1
In response to Vibhor Amrodia

‎10-18-2014 08:46 PM

The responses are as follows:

PIX515E#  show asp table socket

Protocol  Socket    Local Address               Foreign Address         State
TCP       0002082c  100.100.100.18:23           0.0.0.0:*              LISTEN
SSL       0002e9ec  100.100.100.18:443         0.0.0.0:*               LISTEN
SSL       0008993c  100.100.100.18:443         Miffy:1063            ESTAB
PIX515E# show run interface eth5
!
interface Ethernet5
 description MGT_INTERFACE
 speed 100
 duplex full
 nameif Management
 security-level 0
 ip address 100.100.100.18 255.255.255.0 

I figured it out. I was allowing telnet/http access to the inside interface, not the management interface. Inside is Eth1, Management is Eth5.

A force of habit. As this PIX has 6 Eth interfaces I thought I'd dedicate one to management. Now to interface between my 877 & 1751-V!

Thanks for your help Vibhor.

0 Helpful

Go to solution
Vibhor Amrodia
Cisco Employee
Cisco Employee
In response to Matt Wilson

‎10-21-2014 03:03 AM

Hi,

So , were you able to resolve this issue ?

Thanks and Regards,

Vibhor Amrodia

0 Helpful

Go to solution
Matt Wilson
Level 1
Level 1
In response to Vibhor Amrodia

‎10-21-2014 12:47 PM

Yes thanks Vibhor. I was reminded of a valuable lesson, it's all in the logic. The answer, as usual, was staring me in the face. ASDM can be accessed from any interface. In the process I also figured out that you can't telnet into these PIX. One must set up SSH2 to do this.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card