I?m trying to configure the access to ASDM through the interfaz inside, but it doesn?t work. I have the following configuration:
asdm image disk0:/asdm512-k8.bin
http server enable
http 172.26.0.0 255.255.255.0 inside
http 172.24.1.0 255.255.255.0 inside
Have I to configure anything else?
Thank you very much
Your config looks pretty much ok to me, assuming that 172.26.0/24 or 172.24.1/24 are reached through the inside interface and that these are the source address of your attempt to access ASDM. I have configured it with the equivalent to what you have got and it worked for me.
A couple of points to keep in mind:
- use HTTPS rather than HTTP when pointing the browser at ASDM.
- make an attempt to access ASDM and then immediately access the device through console or telnet or whatever works for you and do sh logg. There may be log messages that point toward the error - especially if the problem is a mistake in permitting IP addresses.
- when you attempt to access ASDM what are the symptoms of the problem? Do you get a prompt or a connection refused, or what?
Yes, I?m using https://
When I use the Internet Explorer, I get "The page cannot be displayed", and If I use the Cisco ADSM Launcher, I get "Unable to launch ASDM from
Remote host closed connection during handshake".
In the log, it doesn?t appear anything.
By the other hand, If I try to use the interfaz inside to access to the ASDM, can?t I have the management interface configured?. do I have to have the management interface in shutdown?.
Thank you very much.
In my (limited) experience with this I have had both the management interface and the inside interface active. Each of the interfaces has its own IP address (and each has its own unique subnet). I have been able to use ASDM to the address of both interfaces. I was careful to use an IP address on my end station that was in the subnet of the management interface when I attempted access to the management interface and to use an IP address on my end station that was in the subnet of the inside interface when I attempted access to the inside interface. Can you clarify what IP address was on your end station when you attempted access to both the inside interface and to the management interface?
I try to access to ADSM, from the IP 172.24.1.1, in the interfaz inside. I try without problems with telnet, but i can?t use the ASDM.
I don?t Know it the problem can be the java. What version are you using?.
Thank you very much.
Your config is OK. Try update your java client software. I had same problem and a java updgrade did the job for me...
Also check your browser java settings..
Please keep the following in mind:
1. Make sure the asdm image command is poiting to the right location in your flash
2. The release notes call for Java (JRE) 1.4.2 or 1.5.0.
3. Make sure you dont see this on your show ver:
VPN-DES : Disabled
VPN-3DES-AES : Disabled
If yes, encryption must be enabled for you to generate the rsa key.
The ASDM must connect using an encrypted connection.
That connection is facilitated by the rsa key.
DES & 3DES licenses are now free. Simply forward the show ver to
and request that they enable 3des for you.
Enter the new activation key
After that do
"crypto key generate rsa"
Then try connecting with the ASDM
Hope it helps,
Use the latest Java and do the following to fix your Java Memory Issues:
1. In Control Panel open Java Plug-In
2. Set the Java Runtime Parameters in the Advanced Tab to -Xmx256m
Hope this helps.
Please make sure you have the following in the
asdm image flash:/asdm-522.bin
that will do trick.
The key thing you forget is this
crypto key generate rsa modulus 1024
You need to generate the key for ASDM access through https. If not try http.