Link to home
Start Free TrialLog in
Avatar of dolphan757
dolphan757

asked on

How to enable the web interface on an Cisco ASA 5510

We have Cisco ASA 5510 and I am looking to enable the Remote access VPN. I know you have to purchase additional licenses for the clientless vpn but I want to enable a public ip that employees can go to and lig into with their Domain credentials. I know you can create a login page and users can see links for the comapny portal, Time entry software, and other customized links. How do i enable this? Does I have to purchase any additional software for the ASA or does it come with this out of the box?
Avatar of InteraX
InteraX
Flag of United Kingdom of Great Britain and Northern Ireland image
If you want the IPSEC based VPN, you don't need an additional license. You only need the additional license for the SSL VPN, client based or clientless.

You can handle some forms of authentication on the ASA, but without the SSL bits, I'm not sure how much of what you are asking is achieveable.

I will double check the documentation for you.
ASKER CERTIFIED SOLUTION
Avatar of InteraX
InteraX
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of DIPRAJ
DIPRAJ
Flag of India image

Allowing HTTPS Access for ASDM
To use ASDM, you need to enable the HTTPS server, and allow HTTPS connections to the security
appliance. All of these tasks are completed if you use the setup command. This section describes how
to manually configure ASDM access.
The security appliance allows a maximum of 5 concurrent ASDM instances per context, if available,
with a maximum of 32 ASDM instances between all contexts.
Note WebVPN and ASDM administration cannot be enabled on the same interface. If you enable WebVPN
on an interface, then that interface cannot be used for ASDM.
To configure ASDM access, follow these steps:
Step 1 To identify the IP addresses from which the security appliance accepts HTTPS connections, enter the
following command for each address or subnet:
hostname(config)# http source_IP_address mask source_interface
Step 2 To enable the HTTPS server, enter the following command:
hostname(config)# http server enable
Step 3 To specify the location of the ASDM image, enter the following command:
hostname(config)# asdm image disk0:/asdmfile
For example, to enable the HTTPS server and let a host on the inside interface with an address of
192.168.1.2 access ASDM, enter the following commands:
hostname(config)# crypto key generate rsa modulus 1024
hostname(config)# write mem
hostname(config)# http server enable
hostname(config)# http 192.168.1.2 255.255.255.255 inside
To allow all users on the 192.168.3.0 network to access ASDM on the inside interface, enter the
following command:
hostname(config)# http 192.168.3.0 255.255.255.0 inside

Avatar of DIPRAJ
DIPRAJ
Flag of India image
http://www.cisco.com/en/US/docs/security/asa/asa72/getting_started/asa5505/quick/guide/setup.html

Alternatively, you can add the following config lines:
http server enable
http <IPaddress> <mask> <interface>