Announcement

Collapse
No announcement yet.

[HELP] ASDM error ASA 5505

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • [HELP] ASDM error ASA 5505

    Hi.

    I wanted to change the ip range on a new ASA 5505 to fit in to an existing network. I therefore ran Setup Wizard, and changed to IP address to 192.168.0.1 and range to 192.168.0.x and removed the DHCP server function (an SBS 2003 server is the DHCP server).
    After that I am not able to connect to the ASA with ASDM (I have changed the IP on the client to 192.168.0.2).
    I then ran the command config factory-default, but still not able to connect with ASDM. I am no command expert.

    Show running-config:
    interface Vlan1
    no nameif
    no security-level
    no ip address
    !
    interface Ethernet0/0
    shutdown
    !
    interface Ethernet0/1
    shutdown
    !
    interface Ethernet0/2
    shutdown
    !
    interface Ethernet0/3
    shutdown
    !
    interface Ethernet0/4
    shutdown
    !
    interface Ethernet0/5
    shutdown
    !
    interface Ethernet0/6
    shutdown
    !
    interface Ethernet0/7
    shutdown
    !
    ftp mode passive
    pager lines 24
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    telnet timeout 5
    ssh timeout 5
    console timeout 0

    What am I doing wrong?
    Regards Steffen

  • #2
    Re: [HELP] ASDM error ASA 5505

    My guess would be that the ASDM access was only allowing access from a specific IP/Subnet and when you changed the ASA's IP address these IPs were no longer valid.
    Then when you reset the ASA to defaults it no longer allows ASDM access (can see from your config that there are no HTTP commands shown).

    so basically try this:
    http://www.cisco.com/en/US/docs/secu...html#wp1047288
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?

    Comment


    • #3
      Re: [HELP] ASDM error ASA 5505

      I did configure factory-default to start from the beginning.

      Regards Steffen

      Comment


      • #4
        Re: [HELP] ASDM error ASA 5505

        Try steps 1 and 2 to configure your local machines IP address to access it. The config you have posted has no access for ASDM (i.e. no "http server enable" etc)
        cheers
        Andy

        Please read this before you post:


        Quis custodiet ipsos custodes?

        Comment


        • #5
          Re: [HELP] ASDM error ASA 5505

          Start reading from here:
          http://www.netcraftsmen.net/welcher/papers/asdm01.html

          Btw, you can better use the SBS server as the DHCP server.
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment


          • #6
            Re: [HELP] ASDM error ASA 5505

            you should run conf factory-default and then write the config. It looks like the config has not saved as you should have DHCP enabled as per the factory default command

            Michael
            Michael Armstrong
            www.m80arm.co.uk
            MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

            ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

            Comment


            • #7
              Re: [HELP] ASDM error ASA 5505

              Hi Steffen,

              I don't know if you solved it yet ... but:
              Andy's suggestion was spot on.
              What you need to get ASDM working is the following:

              hostname xxxx
              domain-name xxxx.xxxx
              ..
              interface Ethernet1
              speed 100
              duplex full
              nameif inside
              security-level 100
              ip address x.x.x.x y.y.y.y
              ...
              asdm image flash:/asdm'xxx'.bin (TFTP this .bin first to flash)
              ...
              username xxxx password xxxx encrypted privilege 15

              http server enable
              http x.x.x.x y.y.y.y inside (allowed subnet or specific ip if you want.)

              Greetz

              Jaap

              Comment

              Working...
              X