Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
781
Views
0
Helpful
7
Replies

ASDM

aksher
Level 1
Level 1

‎07-12-2006 07:41 PM - edited ‎03-09-2019 03:34 PM

What is the configuration needed on the firewall or ASA when connecting to the them through ASDM.

Is it like we can access the device by using the int ip where the ASDM connects to the interface of the device.

Labels:
0 Helpful
7 Replies 7

a.kiprawih
Level 7
Level 7

‎07-13-2006 05:39 AM

Hi,

Make sure ASDM image is loaded into your PIX/ASA. Use 'show version' to verify it.

From CLI, you can run 'setup' command as a simple wizard, or manually configure it as follow:

interface management 0/0 (or inside interface)

ip address 192.168.1.1 255.255.255.0

nameif management

security-level 100

no shutdown

http server enable -----> enable web service

http 192.168.1.10 255.255.255.0 management (or inside) ---> 192.168.1.10 is the specific host allowed to access PIX/ASA via ASDM, or

http 192.168.1.0 255.255.255.0 inside ---> or allowing the whole 192.168.1.0 subnet to access it.

http://www.cisco.com/en/US/products/ps6121/products_user_guide_chapter09186a00806a2f1c.html#wp1042924

Rgds,

AK

0 Helpful

aksher
Level 1
Level 1
In response to a.kiprawih

‎07-17-2006 02:04 AM

But i am not able to launch the ASDM from my machine

my machine is on 10.32.68.172 and the conf on FWSM is too enabled http 10.323.68.172 WAN

am gettig timed out message.i think it could be a routing issue..

0 Helpful

Fernando_Meza
Level 7
Level 7
In response to aksher

‎07-17-2006 02:55 AM

Hi .. On your ASA's config .. check the IP address assigned to the WAN interface .. that is the IP address you have to use on the URL http:// x.x.x.x to connect from your PC.. Also make sure you IP address and the one that shows on the FWSM ( http y.y.y.y 255.255.255.255 WAN) are the same.

I hope it helps ... please rate it if it does !!!

0 Helpful

aksher
Level 1
Level 1
In response to Fernando_Meza

‎07-17-2006 06:41 PM

is it only when launching the ASDM from WAN that we should use WAN int ip.How about if accessed from other interfaces...

0 Helpful

a.kiprawih
Level 7
Level 7
In response to aksher

‎07-19-2006 01:03 AM

If you want to launch ASDM from other interface, you need to use IP from that particular interface as well, e.g

access from outside & DMZ -> client must use IP belongs to respective segments

http dmz

http outside

Make sure http engine/service is running

http enable

Rgds,

AK

0 Helpful

a.kiprawih
Level 7
Level 7
In response to a.kiprawih

‎07-19-2006 01:06 AM

Typo:

Make sure http engine/service is running

http server enable

0 Helpful

grant.maynard
Level 4
Level 4

‎07-17-2006 03:12 AM

do a "show Version" - does it show ADSM version? If not, do "dir flash:" to see ADSM image name, then add "asdm image ..." to config. Now "show version" should show it.

ASDM is https, not http.

0 Helpful
Customers Also Viewed These Support Documents