Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASDM Interface

My setup is :PIX 515E, IOS 8.0(4)28, ASDM 6.1(5)57, Firewall mode routed, 6 interfaces, 128Mb.

My question is, can ASDM be accessed through any interface on the PIX besides ethernet1? I'd prefer to run ASDM through ethernet5 but it refuses to run. I have tried deconfiguring eth1 and copying its config to eth5 to no avail. The basic setup on eth1 that works is:

interface Ethernet1
 nameif Management
 security-level 100
 ip address 100.100.100.18 255.255.255.0

 

This doesn't work on eth5.

 

Matt.

 

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Hi,Would you be able to reply

Hi,

Would you be able to reply with these outputs from the PIX:-

1) show asp table socket

2) show run interface eth5

Also , is the IP from which you are trying to access the ASDM in the same Network as the range configured on the Interface ?

Thanks and Regards,

Vibhor Amrodia

Cisco Employee

Hi,So , were you able to

Hi,

So , were you able to resolve this issue ?

Thanks and Regards,

Vibhor Amrodia

4 REPLIES
Cisco Employee

Hi,Would you be able to reply

Hi,

Would you be able to reply with these outputs from the PIX:-

1) show asp table socket

2) show run interface eth5

Also , is the IP from which you are trying to access the ASDM in the same Network as the range configured on the Interface ?

Thanks and Regards,

Vibhor Amrodia

New Member

The responses are as follows

The responses are as follows:

PIX515E#  show asp table socket

Protocol  Socket    Local Address               Foreign Address         State
TCP       0002082c  100.100.100.18:23           0.0.0.0:*              LISTEN
SSL       0002e9ec  100.100.100.18:443         0.0.0.0:*               LISTEN
SSL       0008993c  100.100.100.18:443         Miffy:1063            ESTAB
PIX515E# show run interface eth5
!
interface Ethernet5
 description MGT_INTERFACE
 speed 100
 duplex full
 nameif Management
 security-level 0
 ip address 100.100.100.18 255.255.255.0 

I figured it out. I was allowing telnet/http access to the inside interface, not the management interface. Inside is Eth1, Management is Eth5.

A force of habit. As this PIX has 6 Eth interfaces I thought I'd dedicate one to management. Now to interface between my 877 & 1751-V!

Thanks for your help Vibhor.

Cisco Employee

Hi,So , were you able to

Hi,

So , were you able to resolve this issue ?

Thanks and Regards,

Vibhor Amrodia

New Member

Yes thanks Vibhor. I was

Yes thanks Vibhor. I was reminded of a valuable lesson, it's all in the logic. The answer, as usual, was staring me in the face. ASDM can be accessed from any interface. In the process I also figured out that you can't telnet into these PIX. One must set up SSH2 to do this.

33
Views
0
Helpful
4
Replies