ASA5510

I have an ASA5510 and am unable to connect with Cisco SDM?
I have set a Management IP address and can ping this.
The Cisco SDM just stops and says the Application will open in another window. (not pop up blocker)
Any ideas advice welcome
Rbauckham69Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MikeKaneCommented:
What browser are you using to connect?   What version of Java?  Do other popups work on your system?  
0
Rbauckham69Author Commented:
yes pop ups work
IE 8 or firefox

i think i would like to start afresh. How can i wipe the asa totally as new?
0
MikeKaneCommented:
This should reset everything - like out of the box.

devicename>en
devicename#conf t
devicename(config)#write erase
devicename(config)#revert webvpn all
devicename(config)#delete disk0:sdesktop/data.xml
devicename(config)#config factory-default
devicename(config)#reload
0
Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

tombourCommented:
You need the ASDM to configure the ASA per default.



0
Rbauckham69Author Commented:
Ok i've completed the above except for revert webvpn all (as unrecognised)
the management ip / dhcp has been reset but the hostname and ena password still the same?
0
Rbauckham69Author Commented:
still can't connect through SDM

i can ping ip address. but went i connect says
1. either can't connect to ip
2.http/https not enabled on router

conf below


ciscoasa#
ciscoasa# sh run
: Saved
:
ASA Version 7.0(8)
!
hostname ciscoasa
enable password Ih2vDE020Cd3LFw/ encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
dns-guard
!
interface Ethernet0/0
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/1
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Management0/0
 nameif management
 security-level 100
 ip address 192.168.1.1 255.255.255.0
 management-only
!
ftp mode passive
pager lines 24
logging asdm informational
mtu management 1500
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
http server enable
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd lease 3600
dhcpd ping_timeout 50
dhcpd enable management
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map global_policy
 class inspection_default
  inspect dns maximum-length 512
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
!
service-policy global_policy global
Cryptochecksum:ae98382250cf9a8a9ed58a31d745cd6a
: end
ciscoasa#
0
MikeKaneCommented:
If you are trying to access via the ASDM, then you are missing the ASDM image line...  

for example.
asdm image disk0:/asdm-623.bin
asdm location 192.168.1.0 255.255.255.0 management

The asdm image must match up with the ASA version 7.0(8) you are running, ATM I forget the version that matches, but the cisco download site will guide you.  

From the Getting Started guide:
Downloading the ASDM Launcher

The ASDM Launcher is for Windows only. The ASDM Launcher is an improvement over running ASDM as a Java Applet. The ASDM Launcher avoids double authentication and certificate dialog boxes, launches faster, and caches previously-entered IP addresses and usernames.

To download the ASDM launcher, perform the following steps:

Step 1 From a supported web browser on the security appliance network, enter the following URL:

https://interface_ip_address


In transparent firewall mode, enter the management IP address.

Note Be sure to enter https, not http.

Step 2 Click OK or Yes to all prompts, including the name and password prompt. By default, leave the name and password blank.

A page displays with the following buttons:

•Download ASDM Launcher and Start ASDM

•Run ASDM as a Java Applet

Step 3 Click Download ASDM Launcher and Start ASDM.

The installer downloads to your PC.

Step 4 Run the installer to install the ASDM Launcher.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Rbauckham69Author Commented:
OK....nearly there...
I can download and install ASDM or run from applet but neither fully load.
the installed asdm opens and asks for ip address and logon credentials but then disappears.

currently the ios ver is 708 and asdm ver 508

I have another ios (asa804-k8.bin) and other asa-602.bin on disk0:
but how can i get startup to load these insted of the ones above

Thnaks for you assistance

0
MikeKaneCommented:
The ASDM version loaded is defined in the setup by this line.

asdm image disk0:/<name of asdm image to use>



The version of the ASA code to use is usually auto selected to be the most recent in the Flash: directory.    But you can always explicitly specify the one to use with:

boot system disk0:/<name of asa bin code to load>




0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.