Notable Replies

  1. Hi Asi,

    That’s no problem, let me know if you have difficulty understanding some of the topics.


  2. Hi Joseph,

    ASDM and Java can be an issue.

    First of all, ASDM 603 is ancient by now. I would start by upgrading it to the latest version, see what happens then.


  3. Hello Christopher

    When you say you weren’t able to “get thru” do you mean that you were unable to connect via a web GUI to the firewall? In order to use the ASDM to configure the ASA, you must have layer 3 access. The console connection will not allow you to work with ASDM. Take a look at this Cisco documentation on how to prep an ASA to function using ASDM 7.6.

    I hope this has been helpful!


  4. HI,
    Thank you for the link. Im still kind of stuck and wondered if you can point me in the right direction please. I have a cisco 2821 router with a gig0/0 interface plugged into the cisco asa 5510 ethernet 0/0 port. I have pasted in the asa config in hopes that you might see what might be wrong. i cannot ping from the router to the asa. both are in the subnet. i tried both straight and cross over after hearing that asa interfaces dont have the auto sensing mdix stuff. could you let me know what my issue is please.

    ciscoasa# sh running-config
    : Saved
    : Serial Number: xxxxx
    : Hardware:   ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz
    ASA Version 9.1(7)12
    hostname ciscoasa
    enable password 8Ry2YjIyt7RRXU24 encrypted
    interface Ethernet0/0
     no nameif
     security-level 100
     ip address
    interface Ethernet0/1
     no nameif
     no security-level
     no ip address
    interface Ethernet0/2
     no nameif
     no security-level
     no ip address
    interface Ethernet0/3
     no nameif
     no security-level
     no ip address
    interface Management0/0
     nameif management
     security-level 100
     ip address
    ftp mode passive
    pager lines 24
    mtu management 1500
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-762-150.bin
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    user-identity default-domain LOCAL
    aaa authentication http console LOCAL
    http server enable
    http management
    no snmp-server location
    no snmp-server contact
    crypto ipsec security-association pmtu-aging infinite
    crypto ca trustpool policy
    telnet timeout 5
    ssh stricthostkeycheck
    ssh timeout 5
    ssh key-exchange group dh-group1-sha1
    console timeout 0
    dhcpd address management
    dhcpd enable management
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    username ADMIN password WpmDdjXRzvy3bJoo encrypted privilege 15
    class-map inspection_default
     match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
     class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny
      inspect sunrpc
      inspect xdmcp
      inspect sip
      inspect netbios
      inspect tftp
      inspect ip-options
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    : end
  5. Hello Christopher

    I’m not sure why you are unable to ping. However, you can turn debugging on on the ASA and see if the ping actually reaches the device, and if so why it doesn’t respond. If there is no debug output, the ping doesn’t actually reach the device. If it does, it will tell you why/if it doesn’t respond.

    As far as MDIX support, the ASA supports both crossover and straight-through cables.

    Let us know your results. I hope this helps.


Continue the discussion forum.networklessons.com

18 more replies!