Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Management access (ASDM/console) to FWSM through the outside interface (Sec level 0)

What am I not able to have admin access (ASDM/console) on FWSM through the outside interface (Sec level 0)

Everyone's tags (3)
16 REPLIES
Cisco Employee

Admin access (ASDM/console) on FWSM through the outside interfac

Hi,

Is the FWSM in multiple context? Have you allowed your network to have asdm access to the outside? Could you post the "sh run" here?

Regards,

Anu

New Member

Admin access (ASDM/console) on FWSM through the outside interfac

Its not in multi-context

Access has been enabled , but still iam not able to connect from outside interface or routed vlan's, however iam able to access from all inside interfaces (higher sec level)

http server enable

http 10.0.X.0 255.255.255.0 outside

management-access outside

asdm location 10.0.x.x 255.255.255.255 outside

Cisco Employee

Admin access (ASDM/console) on FWSM through the outside interfac

Hi Kauser,

The IP you're using is a Private IP. i would expect to see a public IP subnet in those commands, since you're trying to connect to the outside interface from an outside network.

Hope this helps!

Regards,

Anu

New Member

Admin access (ASDM/console) on FWSM through the outside interfac

The outside and inside interfaces  are virtual interfces separating priviate vlans in a core switch hosting  servers.

.Basically iam not able to get admin access from  security level 0 interface .I need to find out whether there is any way  to achieve this

Red

Admin access (ASDM/console) on FWSM through the outside interfac

Hi Kausar,

Can you provide the configuration that you ahve done for admin access on outside along with the running-config.

Varun

Thanks, Varun Rao Security Team, Cisco TAC
Red

Admin access (ASDM/console) on FWSM through the outside interfac

Hi Kauser,

The location from you are testing needs to be connected to the outside interface, I am not sure, but it seems that you are trying to connect from a PC which is on the inside interface,  you would not be able to access the ASDM from a remote interface. You can ASDM into the firewall from internet, for which the request would fall on the outside interface, in your case i guess the request is coming on the inside interface, for ASDM on outside, which is not correct.

Thanks,

Varun

Thanks, Varun Rao Security Team, Cisco TAC
New Member

Admin access (ASDM/console) on FWSM through the outside interfac

The outside and inside interfaces are virtual interfces separating priviate vlans in a core switch hosting servers.

.Basically iam not able to get admin access from security level 0 interface .I need to find out whether there is any way to achieve this

Cisco Employee

Re: Admin access (ASDM/console) on FWSM through the outside inte

Hi Kauser,

Could you post the output of "show run int" from the FWSM here? Also, is the FWSM running in multiple context?

Regards,

Anu

New Member

Admin access (ASDM/console) on FWSM through the outside interfac

Firewall/6# sh run int

!

interface Vlan5

nameif DMZ5

security-level 50

ip address 10.X.X.X 255.255.255.0

!

interface Vlan6

nameif DMZ6

security-level 50

ip address 10.X.X.X 255.255.255.0

!

interface Vlan7

nameif DMZ7

security-level 50

ip address 10.X.X.X 255.255.255.0

!

.

.

.

.

interface Vlan100

nameif outside

security-level 0

ip address 10.X.X.X 255.255.255.252

!

interface Vlan101

description LAN Failover Interface

!.

interface Vlan102

nameif inside

security-level 100

ip address 10.X.X.X 255.255.255.0

Cisco Employee

Admin access (ASDM/console) on FWSM through the outside interfac

Hi Kauser,

Is NAT enabled on the firewall? How does the world see the outside IP? What is the next hop for this firewall(def route)? It would be great if you can post the output of "sh run" here.

Regards,

Anu

New Member

Admin access (ASDM/console) on FWSM through the outside interfac

Dear,

This is an FWSm module with default route to Core Sw MSFC , the outside IP can be reached from any access vlan in core sw

Cisco Employee

Admin access (ASDM/console) on FWSM through the outside interfac

Hi Kauser,

What is the IP address of the host from where you're trying to reach the FWSM outside interface? Give me an eg.

Regards,

Anu

New Member

Admin access (ASDM/console) on FWSM through the outside interfac

Anybody experiencing the same difficult , is there any workaround ?

Management access (ASDM/console) to FWSM through the outside int

Hello Kausar,

First of all lets take out all the ASDM configuration ( just in case the ASDM daemon got stuck)

no  http server enable

no http 10.0.X.0 255.255.255.0 outside

Now can you add the following command just to test the connection?

http server enable

http 0 0 outside

If this do not work,I would like to see the debug for the http protocol

Debug http

Please provide the output of the debug.

Regards,

Please rate helpful posts!!

Julio

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
New Member

Admin access (ASDM/console) on FWSM through the outside interfac

HI Julio,

Iam able to open asdm from all the security vlans , except from outside .

Regards

Admin access (ASDM/console) on FWSM through the outside interfac

Hello Kausar,

Thanks for the info, I read that on the previous posts.

Can you provide the information I request??

Regards,

Julio

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
4306
Views
0
Helpful
16
Replies