Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cannot get ASDM to run.

Hi All. I going crazy here :-) Below is the config from my ASA5520, and I just cannot connect to the ASDM. From the browser I put in 192.168.1.1 and the page just times out, no page available at all.
Any help please :-) Thanks everyone.


ciscoasa# show run
: Saved
:
ASA Version 8.2(5)48
!
hostname ciscoasa
enable password v9jZqu/1TPaW0 encrypted
passwd 2KFbNIdI.KYOU encrypted
names
!
interface GigabitEthernet0/0
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/1
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
!
ftp mode passive
pager lines 24
logging asdm informational
mtu management 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-731.bin
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect ip-options
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:80854f6d93a65a0031fc6bcb8069ad26
: end
ciscoasa#






ciscoasa# show flash
--#--  --length--  -----date/time------  path
   76  15464448    Aug 17 2014 04:41:00  asa825-48-k8.bin
   77  25088760    Aug 17 2014 05:15:46  asdm-731.bin
    3  4096        Aug 17 2014 04:43:54  log
    8  4096        Aug 17 2014 04:44:04  crypto_archive
    9  4096        Aug 17 2014 04:44:08  coredumpinfo
   10  43          Aug 17 2014 04:44:08  coredumpinfo/coredump.cfg

255320064 bytes total (214401024 bytes free)
ciscoasa# 
    Everyone's tags (1)
    3 REPLIES
    VIP Purple

    You have to access the ASDM

    You have to access the ASDM through HTTPS, not HTTP:

    https://192.168.1.1


    --
    Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
    New Member

    Thanks Karsten. The actual

    Thanks Karsten. 

    The actual problem was that I don't have a VPN-3DES-AES License which is requiered by ASDM to run. 

    I will order a this license and upgrade.

    Thanks, Best regards

    VIP Purple

    You don't have to order that

    The ASDM won't run without HTTPS. You don't have to order that license. You get it free of charge on the licensing portal: http://www.cisco.com/go/license


    --
    Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
    105
    Views
    0
    Helpful
    3
    Replies
    CreatePlease to create content