We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is Why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 581 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

 

295 New Members signed up the last 30 days!

satisfaction-guaranteed

100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags:


Forum Replies

  1. Hi Joseph,

    ASDM and Java can be an issue.

    First of all, ASDM 603 is ancient by now. I would start by upgrading it to the latest version, see what happens then.

    Rene

  2. Hi,

    I've got a cisco asa 5510 with asa917-12-k8.bin image and asdm-762-150.bin asdm version on the firewall. I wanted to lab this up physically and not thru gns. I followed the steps but wasn't able to get thru. I tried chrome and edge browsers. I am consoled up to the asa from my pc. But I'm thinking that I need a layer 3 connection. Can you help steer me in the right direction. I went thru the forum and didn't see my unique issue

    Thanks in advance

  3. Hello Christopher

    When you say you weren't able to "get thru" do you mean that you were unable to connect via a web GUI to the firewall? In order to use the ASDM to configure the ASA, you must have layer 3 access. The console connection will not allow you to work with ASDM. Take a look at this Cisco documentation on how to prep an ASA to function using ASDM 7.6.

    I hope this has been helpful!

    Laz

  4. HI,
    Thank you for the link. Im still kind of stuck and wondered if you can point me in the right direction please. I have a cisco 2821 router with a gig0/0 interface plugged into the cisco asa 5510 ethernet 0/0 port. I have pasted in the asa config in hopes that you might see what might be wrong. i cannot ping from the router to the asa. both are in the 192.168.2.0 subnet. i tried both straight and cross over after hearing that asa interfaces dont have the auto sensing mdix stuff. could you let me know what my issue is please.

    ciscoasa# sh running-config
    : Saved
    :
    : Serial Number: xxxxx
    : Hardware:   ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz
    :
    ASA Version 9.1(7)12
    !
    hostname ciscoasa
    enable password 8Ry2YjIyt7RRXU24 encrypted
    names
    !
    interface Ethernet0/0
     no nameif
     security-level 100
     ip address 192.168.2.2 255.255.255.0
    !
    interface Ethernet0/1
     shutdown
     no nameif
     no security-level
     no ip address
    !
    interface Ethernet0/2
     shutdown
     no nameif
     no security-level
     no ip address
    !
    interface Ethernet0/3
     shutdown
     no nameif
     no security-level
     no ip address
    !
    interface Management0/0
     management-only
     nameif management
     security-level 100
     ip address 192.168.1.1 255.255.255.0
    !
    ftp mode passive
    pager lines 24
    mtu management 1500
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-762-150.bin
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    user-identity default-domain LOCAL
    aaa authentication http console LOCAL
    http server enable
    http 192.168.1.0 255.255.255.0 management
    no snmp-server location
    no snmp-server contact
    crypto ipsec security-association pmtu-aging infinite
    crypto ca trustpool policy
    telnet timeout 5
    ssh stricthostkeycheck
    ssh timeout 5
    ssh key-exchange group dh-group1-sha1
    console timeout 0
    dhcpd address 192.168.1.2-192.168.1.254 management
    dhcpd enable management
    !
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    username ADMIN password WpmDdjXRzvy3bJoo encrypted privilege 15
    !
    class-map inspection_default
     match default-inspection-traffic
    !
    !
    policy-map type inspect dns preset_dns_map
     parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
     class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny
      inspect sunrpc
      inspect xdmcp
      inspect sip
      inspect netbios
      inspect tftp
      inspect ip-options
    !
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:20f9079b68e70577a4883cc406ee836d
    : end
    ciscoasa#
  5. Hello Christopher

    I'm not sure why you are unable to ping. However, you can turn debugging on on the ASA and see if the ping actually reaches the device, and if so why it doesn't respond. If there is no debug output, the ping doesn't actually reach the device. If it does, it will tell you why/if it doesn't respond.

    As far as MDIX support, the ASA supports both crossover and straight-through cables.

    Let us know your results. I hope this helps.

    Laz

17 more replies! Ask a question or join the discussion by visiting our Community Forum