Talon0926
asked on
Can't connect to ASDM on 5510
I did the factory reset to a 5510 and now I can't connect to the 5510 with ASDM. I was getting partially connected and then it would pop up a 2nd window about Authentication. But it would not take the admin password or enable password. Now, for some reason, I can't even get that far.
Here is rc:
: Saved
: Written by enable_15 at 08:57:34.740 UTC Thu Sep 9 2010
!
ASA Version 8.0(2)
!
hostname ciscoasa
enable password YssSUBGcO5wEz/nY encrypted
names
dns-guard
!
interface Ethernet0/0
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/1
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
!
passwd 2KFQnbNIdI.2KYOU encrypted
boot system disk0:/asa802-k8.bin
ftp mode passive
pager lines 24
logging asdm informational
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-602.bin
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-reco
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
no crypto isakmp nat-traversal
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:55d31d88444
Here is rc:
: Saved
: Written by enable_15 at 08:57:34.740 UTC Thu Sep 9 2010
!
ASA Version 8.0(2)
!
hostname ciscoasa
enable password YssSUBGcO5wEz/nY encrypted
names
dns-guard
!
interface Ethernet0/0
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/1
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
!
passwd 2KFQnbNIdI.2KYOU encrypted
boot system disk0:/asa802-k8.bin
ftp mode passive
pager lines 24
logging asdm informational
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-602.bin
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-reco
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
no crypto isakmp nat-traversal
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:55d31d88444
It doesn't look like you have any user accounts setup. Have you tried username pix?
Also, if you issue a sh ver, is it listing the correct verion of ASDM.
Finally, I'm not sure the http server is enabled. Try issuing http server enable.
Also, if you issue a sh ver, is it listing the correct verion of ASDM.
Finally, I'm not sure the http server is enabled. Try issuing http server enable.
ASKER
I did the http server enable command
sh ver shows this:
Cisco Adaptive Security Appliance Software Version 8.0(2)
Device Manager Version 6.0(2)
Compiled on Fri 15-Jun-07 19:29 by builders
System image file is "disk0:/asa802-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 43 mins 2 secs
Hardware: ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.01
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04
0: Ext: Ethernet0/0 : address is 5475.d0df.12c0, irq 9
1: Ext: Ethernet0/1 : address is 5475.d0df.12c1, irq 9
2: Ext: Ethernet0/2 : address is 5475.d0df.12c2, irq 9
3: Ext: Ethernet0/3 : address is 5475.d0df.12c3, irq 9
4: Ext: Management0/0 : address is 5475.d0df.12c4, irq 11
5: Int: Not used : irq 11
6: Int: Not used : irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 50
Inside Hosts : Unlimited
Failover : Disabled
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 0
GTP/GPRS : Disabled
VPN Peers : 250
WebVPN Peers : 2
Advanced Endpoint Assessment : Disabled
This platform has a Base license.
Serial Number: JMX1425L1A2
Running Activation Key: 0x761aeb7a 0x54d79f66 0xd02009bc 0xac64183c 0x8718119c
Configuration register is 0x1
I'm now back to me putting in the admin ID and pw... then a 2nd window is popping up "Authentication Required"...??? I've tried the admin ID and PW and the Admin ID with the enable password... nada...
sh ver shows this:
Cisco Adaptive Security Appliance Software Version 8.0(2)
Device Manager Version 6.0(2)
Compiled on Fri 15-Jun-07 19:29 by builders
System image file is "disk0:/asa802-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 43 mins 2 secs
Hardware: ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.01
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04
0: Ext: Ethernet0/0 : address is 5475.d0df.12c0, irq 9
1: Ext: Ethernet0/1 : address is 5475.d0df.12c1, irq 9
2: Ext: Ethernet0/2 : address is 5475.d0df.12c2, irq 9
3: Ext: Ethernet0/3 : address is 5475.d0df.12c3, irq 9
4: Ext: Management0/0 : address is 5475.d0df.12c4, irq 11
5: Int: Not used : irq 11
6: Int: Not used : irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 50
Inside Hosts : Unlimited
Failover : Disabled
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 0
GTP/GPRS : Disabled
VPN Peers : 250
WebVPN Peers : 2
Advanced Endpoint Assessment : Disabled
This platform has a Base license.
Serial Number: JMX1425L1A2
Running Activation Key: 0x761aeb7a 0x54d79f66 0xd02009bc 0xac64183c 0x8718119c
Configuration register is 0x1
I'm now back to me putting in the admin ID and pw... then a 2nd window is popping up "Authentication Required"...??? I've tried the admin ID and PW and the Admin ID with the enable password... nada...
Have you tried the username pix with the enable password?
ASKER
I just tried'
pix / enable password
pix / admin password
Neither worked...
pix / enable password
pix / admin password
Neither worked...
ok give in these commands:
asa(config)#crypto key generate rsa modulus 1024
asa(config)#http server enable
asa(config)#username test password test privilege 15
asa(config)#aaa authentication http console LOCAL
asa(config)#crypto key generate rsa modulus 1024
asa(config)#http server enable
asa(config)#username test password test privilege 15
asa(config)#aaa authentication http console LOCAL
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I can connect to another 5510 running same ASA and ASDM software with my computer.
When trying to connect to this new one I get "Connection Timed Out"...
So - I'm fairly sure it's not Java related... I must be missing something in the config...