Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Bronze

Noob Questions

Alright, so I am a complete newbie to the ASA (I worked with the Pix 515 way back but I admit I have forgotten most everything).

First question - how do I connect to the ADSM? Do I need to load software on my laptop or can I just point a browser and go to it after going through the setup wizard for the ASA?

Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: Noob Questions

Jim

SSH - yes to the outside

ASDM - yes using https

Telnet - no unless you do it through an IPSEC vpn.

Jon

8 REPLIES

Re: Noob Questions

Jim,

ASDM can be loaded VIA a web browser by connecting to the ASA, or be installed on your local PC.

If you connect to the ASA:

https://asaipaddress

You are prompted to either load the applet for one time use, or download and install ASDM to your local PC.

HTH,

Mark

Bronze

Re: Noob Questions

Thanks Mark. Nice to know that it is simple.

Another question. I am upgrading a 515E (v 6.3) to a ASA 5505. With the amount of configuration done to the 515E, I was thinking the easiest way to upgrade to the 5505 would be to simply copy the configuration over from the one Pix to the ASA. From the research I've done, it sounds like this would work and that the ASA will actually convert some of the old commands with the new syntax (where necessary).

Am I going about this the right way? Or is there another way in which most people would do this upgrade?

Any help is appreciated!

Jim

New Member

Re: Noob Questions

Jim,

As far as I know , not all the configuration can be copy-pasted , but there is a tool on cisco where you can convert the older configuration files to newer ones and still you might have some missing from the new config.

Vlad

Bronze

Re: Noob Questions

Thanks, Vlad. I found the conversion tools (PixtoASAsetup.exe and OCC-121.zip) to use.

I hope this will convert enough of it to be useful (I only get one small window to do this upgrade).

Jim

Bronze

Re: Noob Questions

Hey -

Just a general question. In the old days, you had to use SSH to access a public interface of a PIX. Is this still the case today or does the ASDM allow you to HTTPS to an outside ip address?

Thanks,

Jim

Re: Noob Questions

If I remember correctly outside access is disabled by default. You can configure outside access to the firewall (SSH, telnet or ASDM.. etc) from the outside if needed. Generally I will use remote access VPN to access the firewall instead of just accessing the outside interface. You can reference this with the ASA configuration guide for more info.

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/mgaccess.html#wp1042016

HTH,

Mark

Edit: Jon is correct with SSH and ASDM from the outside. I guess I didn't remember correctly...

Hall of Fame Super Blue

Re: Noob Questions

Jim

SSH - yes to the outside

ASDM - yes using https

Telnet - no unless you do it through an IPSEC vpn.

Jon

Bronze

Re: Noob Questions

Thanks guys - I'm piecing it together.

I'm setting up a site2site vpn and was starting to think about how to access the second remote ASA when there is no tunnel configured yet. Sounds like I'll need to a basic config and ship it out there (making sure I can reach the outside ip before it leaves the office).

Seems funny to need to ask all these basic Q's when I already know how to do the more elaborate stuff like the VPNs, Access Controls, etc.

Thanks for your help!

Jim

537
Views
10
Helpful
8
Replies
CreatePlease to create content