05-14-2008 01:16 AM - edited 03-11-2019 05:44 AM
I have ASA 5550 VPN Premium license. But i am having strange problem with it. I am not able to do the ASDM from outside interface. I have no access-list no specific policy, from outside interface I am only able to do the SSH, even telent is not working.
There is no connectivity issue, Please help me out how to solve this problem.
05-14-2008 08:38 AM
i dont think this will fix your problem but you also seem to be missing the following config line:
aaa authentication http console LOCAL
05-14-2008 08:46 AM
the recent posted should have resolved your issue. Also make sure that you do a show disk0: and make sure that version 523.bin is actually in your flash as this is the version you are booting with
asdm image disk0:/asdm-523.bin
05-14-2008 02:43 PM
thanks for the reply, i tried all the things but still getting same error of timeout, not able to access the ASDM
FW1(config)# sh run | in aaa
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
aaa authentication http console LOCAL
FW1(config)# sh dis
FW1(config)# sh disk0:
-#- --length-- -----date/time------ path
6 8386560 Jan 01 2003 00:07:58 asa723-k8.bin
7 1868412 Jan 01 2003 00:08:36 securedesktop-asa-3.1.1.29-k9.pkg
8 398305 Jan 01 2003 00:09:06 sslclient-win-1.1.0.154.pkg
9 0 Oct 10 2007 20:02:48 crypto_archive
10 6287244 Oct 10 2007 20:05:30 asdm-523.bin
238403584 bytes available (17022976 bytes used)
FW1(config)# sh run | in http
failover replication http
aaa authentication http console LOCAL
http server enable
http 0.0.0.0 255.255.255.255 EDNUplink
http 172.28.10.0 255.255.255.0 management
FW1(config)#
05-14-2008 05:23 PM
Try telnetting to port 443 from outside to see if you are able to connect to the port. If you cannot, I would check the logs to see if you are getting blocked. The ASDM image may also be corrupted. I would suggest deleting the asdm-523.bin from flash and re-downloading and copying over the image to the ASA.
05-14-2008 06:27 PM
Try the line:
http 0.0.0.0 0.0.0.0 EDNUplink
Also, I think that telnet is only allowed on the outside interface if it comes through a vpn tunnel. It requires encryption to be used on the outside interface and should show up in the logs as such with debugging logging on.
05-20-2008 05:54 AM
Hi,
I have the same issue running 8.0(3) on an ASA5520, oddly enough, it works following a device reload, for a limited amount of time, and I also have oher ASAs with the exact same OS/management configuration, which I can access via ASDM fine.
Based upon this I am thinking it must be a hardware fault, or intermittent OS fault. I will let you know what I am able to find out. Please advise also, if you find a fix.
05-20-2008 06:40 PM
hi,
I too have the same problem, in the debugg appear:
HTTP: processing GET URL '/' from host 192.168.50.1
HTTP: redirecting to: /admin/public/index.html
HTTP: processing GET URL '/admin/public/index.html' from host 192.168.50.1
HTTP: authentication not required
HTTP: file not found: public/index.html}
05-21-2008 02:37 AM
Luis, what debug did you run, if I run a debug http, I dont get any output relating to this connection attempt...?
Also, FYI, I have downgraded back to ver8.0(2) as I never noticed this problem when using that code, I am currently running 8.0(3), but now I ge the problem running 8.0(2) also.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide