Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1017
Views
0
Helpful
10
Replies

How to configure access to ADSM through the interfaz inside

nuria.andres
Level 1
Level 1

‎10-14-2006 11:36 AM - edited ‎03-09-2019 04:31 PM

Hi,

I?m trying to configure the access to ASDM through the interfaz inside, but it doesn?t work. I have the following configuration:

asdm image disk0:/asdm512-k8.bin

http server enable

http 172.26.0.0 255.255.255.0 inside

http 172.24.1.0 255.255.255.0 inside

Have I to configure anything else?

Thank you very much

Best Regards

Nuria

Labels:
0 Helpful
10 Replies 10

Richard Burts
Hall of Fame
Hall of Fame

‎10-14-2006 12:18 PM

Nuria

Your config looks pretty much ok to me, assuming that 172.26.0/24 or 172.24.1/24 are reached through the inside interface and that these are the source address of your attempt to access ASDM. I have configured it with the equivalent to what you have got and it worked for me.

A couple of points to keep in mind:

- use HTTPS rather than HTTP when pointing the browser at ASDM.

- make an attempt to access ASDM and then immediately access the device through console or telnet or whatever works for you and do sh logg. There may be log messages that point toward the error - especially if the problem is a mistake in permitting IP addresses.

- when you attempt to access ASDM what are the symptoms of the problem? Do you get a prompt or a connection refused, or what?

HTH

Rick

HTH

Rick
0 Helpful

nuria.andres
Level 1
Level 1
In response to Richard Burts

‎10-14-2006 01:38 PM

Yes, I?m using https://, to try to access to the ADSM, through the interfaz inside.

When I use the Internet Explorer, I get "The page cannot be displayed", and If I use the Cisco ADSM Launcher, I get "Unable to launch ASDM from .

Remote host closed connection during handshake".

In the log, it doesn?t appear anything.

By the other hand, If I try to use the interfaz inside to access to the ASDM, can?t I have the management interface configured?. do I have to have the management interface in shutdown?.

Thank you very much.

Best Regards

Nuria

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to nuria.andres

‎10-14-2006 04:23 PM

Nuria

In my (limited) experience with this I have had both the management interface and the inside interface active. Each of the interfaces has its own IP address (and each has its own unique subnet). I have been able to use ASDM to the address of both interfaces. I was careful to use an IP address on my end station that was in the subnet of the management interface when I attempted access to the management interface and to use an IP address on my end station that was in the subnet of the inside interface when I attempted access to the inside interface. Can you clarify what IP address was on your end station when you attempted access to both the inside interface and to the management interface?

HTH

Rick

HTH

Rick
0 Helpful

nuria.andres
Level 1
Level 1
In response to Richard Burts

‎10-15-2006 02:47 AM

I try to access to ADSM, from the IP 172.24.1.1, in the interfaz inside. I try without problems with telnet, but i can?t use the ASDM.

I don?t Know it the problem can be the java. What version are you using?.

Thank you very much.

Best Regards.

Nuria

0 Helpful

jenseike
Level 1
Level 1
In response to nuria.andres

‎10-14-2006 06:21 PM

Your config is OK. Try update your java client software. I had same problem and a java updgrade did the job for me...

Also check your browser java settings..

Jens

0 Helpful

fzamora
Cisco Employee
Cisco Employee

‎10-16-2006 04:40 PM

Hi,

Please keep the following in mind:

1. Make sure the asdm image command is poiting to the right location in your flash

2. The release notes call for Java (JRE) 1.4.2 or 1.5.0.

3. Make sure you dont see this on your show ver:

VPN-DES : Disabled

VPN-3DES-AES : Disabled

If yes, encryption must be enabled for you to generate the rsa key.

The ASDM must connect using an encrypted connection.

That connection is facilitated by the rsa key.

DES & 3DES licenses are now free. Simply forward the show ver to

licensing@cisco.com

and request that they enable 3des for you.

Enter the new activation key

"activation-key "

After that do

"crypto key generate rsa"

Then do

"write mem"

Then try connecting with the ASDM

Hope it helps,

Franco Zamora

0 Helpful

muhammad.wajeh
Level 1
Level 1
In response to fzamora

‎02-15-2007 06:32 AM

i m getting same problem which version of JVM should be use

0 Helpful

pmccubbin
Level 5
Level 5
In response to muhammad.wajeh

‎02-15-2007 07:40 AM

Use the latest Java and do the following to fix your Java Memory Issues:

1. In Control Panel open Java Plug-In

2. Set the Java Runtime Parameters in the Advanced Tab to -Xmx256m

Hope this helps.

0 Helpful

daviddtran
Level 1
Level 1
In response to pmccubbin

‎02-15-2007 08:55 AM

Please make sure you have the following in the

configuration:

asdm image flash:/asdm-522.bin

that will do trick.

David

CCIE Security

0 Helpful

hoogen_82
Level 4
Level 4
In response to daviddtran

‎02-18-2007 05:27 AM

The key thing you forget is this

crypto key generate rsa modulus 1024

You need to generate the key for ASDM access through https. If not try http.

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a008054d863.html#wp1047288

Cheers

Hoogen

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents