Solved

Can't connect to ASDM on 5510

Posted on 2010-09-09
7
1,060 Views
Last Modified: 2012-05-10
I did the factory reset to a 5510 and now I can't connect to the 5510 with ASDM.  I was getting partially connected and then it would pop up a 2nd window about Authentication.  But it would not take the admin password or enable password.  Now, for some reason, I can't even get that far.

Here is rc:

: Saved
: Written by enable_15 at 08:57:34.740 UTC Thu Sep 9 2010
!
ASA Version 8.0(2)
!
hostname ciscoasa
enable password YssSUBGcO5wEz/nY encrypted
names
dns-guard
!
interface Ethernet0/0
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/1
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Management0/0
 nameif management
 security-level 100
 ip address 192.168.1.1 255.255.255.0
 management-only
!
passwd 2KFQnbNIdI.2KYOU encrypted
boot system disk0:/asa802-k8.bin
ftp mode passive
pager lines 24
logging asdm informational
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-602.bin
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
no crypto isakmp nat-traversal
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map global_policy
 class inspection_default
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:55d31d8844404dcc2be8f685f1448ac6
0
Comment
Question by:Talon0926
  • 4
  • 2
7 Comments
 

Author Comment

by:Talon0926
ID: 33638661
Addtl info...

I can connect to another 5510 running same ASA and ASDM software with my computer.

When trying to connect to this new one I get "Connection Timed Out"...

So - I'm fairly sure it's not Java related...  I must be missing something in the config...
0
 
LVL 16

Expert Comment

by:InteraX
ID: 33638683
It doesn't look like you have any user accounts setup. Have you tried username pix?
Also, if you issue a sh ver, is it listing the correct verion of ASDM.
Finally, I'm not sure the http server is enabled. Try issuing http server enable.
0
 

Author Comment

by:Talon0926
ID: 33638774
I did the http server enable command

sh ver shows this:


Cisco Adaptive Security Appliance Software Version 8.0(2)
Device Manager Version 6.0(2)

Compiled on Fri 15-Jun-07 19:29 by builders
System image file is "disk0:/asa802-k8.bin"
Config file at boot was "startup-config"

ciscoasa up 43 mins 2 secs

Hardware:   ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
                             Boot microcode   : CN1000-MC-BOOT-2.00
                             SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.01
                             IPSec microcode  : CNlite-MC-IPSECm-MAIN-2.04
 0: Ext: Ethernet0/0         : address is 5475.d0df.12c0, irq 9
 1: Ext: Ethernet0/1         : address is 5475.d0df.12c1, irq 9
 2: Ext: Ethernet0/2         : address is 5475.d0df.12c2, irq 9
 3: Ext: Ethernet0/3         : address is 5475.d0df.12c3, irq 9
 4: Ext: Management0/0       : address is 5475.d0df.12c4, irq 11
 5: Int: Not used            : irq 11
 6: Int: Not used            : irq 5

Licensed features for this platform:
Maximum Physical Interfaces  : Unlimited
Maximum VLANs                : 50
Inside Hosts                 : Unlimited
Failover                     : Disabled
VPN-DES                      : Enabled
VPN-3DES-AES                 : Enabled
Security Contexts            : 0
GTP/GPRS                     : Disabled
VPN Peers                    : 250
WebVPN Peers                 : 2
Advanced Endpoint Assessment : Disabled

This platform has a Base license.

Serial Number: JMX1425L1A2
Running Activation Key: 0x761aeb7a 0x54d79f66 0xd02009bc 0xac64183c 0x8718119c
Configuration register is 0x1

I'm now back to me putting in the admin ID and pw... then a 2nd window is popping up "Authentication Required"...???  I've tried the admin ID and PW and the Admin ID with the enable password...  nada...
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 16

Expert Comment

by:InteraX
ID: 33638887
Have you tried the username pix with the enable password?
0
 

Author Comment

by:Talon0926
ID: 33639011
I just tried'
pix / enable password
pix / admin password

Neither worked...
0
 
LVL 4

Expert Comment

by:ullas_unni
ID: 33639815
ok give in these commands:

asa(config)#crypto key generate rsa modulus 1024

asa(config)#http server enable

asa(config)#username test password test privilege 15

asa(config)#aaa authentication http console LOCAL
0
 

Accepted Solution

by:
Talon0926 earned 0 total points
ID: 33668186
None of that worked...  But, I was able to load a config from another 5510 and now I can access the box via ASDM.  I can now simply delete all the other settings...

Thanks for your help and efforts...
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

How to configure Site to Site VPN on a Cisco ASA.     (version: 1.1 - updated August 6, 2009) Index          [Preface]   1.    [Introduction]   2.    [The situation]   3.    [Getting started]   4.    [Interesting traffic]   5.    [NAT0]   6.…
This article assumes you have at least one Cisco ASA or PIX configured with working internet and a non-dynamic, public, address on the outside interface. If you need instructions on how to enable your device for internet, or basic configuration info…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now