10-14-2006 11:36 AM - edited 03-09-2019 04:31 PM
Hi,
I?m trying to configure the access to ASDM through the interfaz inside, but it doesn?t work. I have the following configuration:
asdm image disk0:/asdm512-k8.bin
http server enable
http 172.26.0.0 255.255.255.0 inside
http 172.24.1.0 255.255.255.0 inside
Have I to configure anything else?
Thank you very much
Best Regards
Nuria
10-14-2006 12:18 PM
Nuria
Your config looks pretty much ok to me, assuming that 172.26.0/24 or 172.24.1/24 are reached through the inside interface and that these are the source address of your attempt to access ASDM. I have configured it with the equivalent to what you have got and it worked for me.
A couple of points to keep in mind:
- use HTTPS rather than HTTP when pointing the browser at ASDM.
- make an attempt to access ASDM and then immediately access the device through console or telnet or whatever works for you and do sh logg. There may be log messages that point toward the error - especially if the problem is a mistake in permitting IP addresses.
- when you attempt to access ASDM what are the symptoms of the problem? Do you get a prompt or a connection refused, or what?
HTH
Rick
10-14-2006 01:38 PM
Yes, I?m using https://
When I use the Internet Explorer, I get "The page cannot be displayed", and If I use the Cisco ADSM Launcher, I get "Unable to launch ASDM from
Remote host closed connection during handshake".
In the log, it doesn?t appear anything.
By the other hand, If I try to use the interfaz inside to access to the ASDM, can?t I have the management interface configured?. do I have to have the management interface in shutdown?.
Thank you very much.
Best Regards
Nuria
10-14-2006 04:23 PM
Nuria
In my (limited) experience with this I have had both the management interface and the inside interface active. Each of the interfaces has its own IP address (and each has its own unique subnet). I have been able to use ASDM to the address of both interfaces. I was careful to use an IP address on my end station that was in the subnet of the management interface when I attempted access to the management interface and to use an IP address on my end station that was in the subnet of the inside interface when I attempted access to the inside interface. Can you clarify what IP address was on your end station when you attempted access to both the inside interface and to the management interface?
HTH
Rick
10-15-2006 02:47 AM
I try to access to ADSM, from the IP 172.24.1.1, in the interfaz inside. I try without problems with telnet, but i can?t use the ASDM.
I don?t Know it the problem can be the java. What version are you using?.
Thank you very much.
Best Regards.
Nuria
10-14-2006 06:21 PM
Your config is OK. Try update your java client software. I had same problem and a java updgrade did the job for me...
Also check your browser java settings..
Jens
10-16-2006 04:40 PM
Hi,
Please keep the following in mind:
1. Make sure the asdm image command is poiting to the right location in your flash
2. The release notes call for Java (JRE) 1.4.2 or 1.5.0.
3. Make sure you dont see this on your show ver:
VPN-DES : Disabled
VPN-3DES-AES : Disabled
If yes, encryption must be enabled for you to generate the rsa key.
The ASDM must connect using an encrypted connection.
That connection is facilitated by the rsa key.
DES & 3DES licenses are now free. Simply forward the show ver to
and request that they enable 3des for you.
Enter the new activation key
"activation-key
After that do
"crypto key generate rsa"
Then do
"write mem"
Then try connecting with the ASDM
Hope it helps,
Franco Zamora
02-15-2007 06:32 AM
i m getting same problem which version of JVM should be use
02-15-2007 07:40 AM
Use the latest Java and do the following to fix your Java Memory Issues:
1. In Control Panel open Java Plug-In
2. Set the Java Runtime Parameters in the Advanced Tab to -Xmx256m
Hope this helps.
02-15-2007 08:55 AM
Please make sure you have the following in the
configuration:
asdm image flash:/asdm-522.bin
that will do trick.
David
CCIE Security
02-18-2007 05:27 AM
The key thing you forget is this
crypto key generate rsa modulus 1024
You need to generate the key for ASDM access through https. If not try http.
Cheers
Hoogen
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: