Cisco ASDM configuration

Hello Experts,

i have a small problem with the ASDM software at 1 of our customers.
When adding a new rule i get the screen as shown in the screencapture below.
Rule dialogue [Customer]
This, by itself, is no problem.
However, our company uses the same type ASA as well.
When we add or modify a rule it looks like the screencapture below.
Rule dialogue [Office]
How can i configure the ASDM at the customer to show the same dialogue as our own ASDM?

The stats:
At the customer
Cisco Device: ASA 5510
Firmware version: 7.2(4)
ASDM version: 5.2(4)

At the office
Cisco Device: ASA 5510
Firmware version: 7.2(3)
ASDM version: 5.2(3)  

Both the server and the workstation from witch i launch the ASDM software use the latest JAVA version.
Mark2rAsked:
Who is Participating?
 
Ernie BeekExpertCommented:
Should be: configuration>firewall>access rules
0
 
Ernie BeekExpertCommented:
Looks like the customer is using ASDM as a local application and at the office it is run as a java web start application.
0
 
SouljaCommented:
My first guess it the customer's versions would need to match yours.
0
Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

 
Mark2rAuthor Commented:
@erniebeek how would i run it as a webstart application?

I started the ASDM launcher via the provided MSI file that installed the console.
Both in the office and at the customer.

@soulja
The product manual of the ASDM 5.2(4) launcher speaks about the same fields as shown in the screenshot of the ASDM at our office, which is ASDM 5.2(3).
Hence i drew the conclusion that this is not caused by software versions.
0
 
Ernie BeekExpertCommented:
Connect to the ip address of the firewall (https) and log on. On the welcome page you will have the choice to download the application or use the webstart.
0
 
Mark2rAuthor Commented:
Well, the ASDM won't launch from the website, could this be caused by a bad JAVA install? or by the fact the it is being run from a Windows 2008 R2 server?

Still, the ASDM launches from the ASDM launcher where the add dialogue is still wrong.
0
 
Ernie BeekExpertCommented:
There are issues with java, JRE 6u10 doesn't work that well. Try 6u7 instead: http://java.sun.com/products/archive/j2se/6u7/index.html
0
 
Mark2rAuthor Commented:
even with the older JAVA version i still do not have any more options in the add-rules dialogue.
0
 
Ernie BeekExpertCommented:
But you are running the webstart? It doesn't change anything with the local version of course.
0
 
Mark2rAuthor Commented:
I tested this on 2 servers.
1 server with JAVA 6 update 24 and 1 server with JAVA 6 update 7.

On both of the servers i was unable to start the webstart, it just keeps loading after confirming the warnings. (The site is in local intranet with all security options disabled)
0
 
Ernie BeekExpertCommented:
Ok, let me see if I can reproduce that.

In the meantime, are you able to try and run it on a workstation (no server) to see if that does work?
0
 
Mark2rAuthor Commented:
Well, i've tried to run the manager from a desktop pc.

Unfortunately, it is exactly the same as on the server.
 Workstation view when adding rule
Is there a hidden option on the ASA?
0
 
Mark2rAuthor Commented:
The problem still exists.

Can i use the commandline interface to add the needed rules?
Could you give me a pointer at what i need to type in the commandline?

I need to redirect several ports from 1 public IP to 10 different private IP's
example;
Public IP >> public port>> internal port >> internal IP
99.99.99.99 >> 81 >> 80 >> 192.168.135.100
99.99.99.99 >> 82 >> 80 >> 192.168.135.101
99.99.99.99 >> 83 >> 80 >> 192.168.135.102
etc.

If you could give me a pointer if this is even possible, thanks!
0
 
Ernie BeekExpertCommented:
Haven't been able to reproduce it yet, but I can help you with this.

Static (inside,outside) tcp 99.99.99.99 81 192.168.135.100 80 netmask 255.255.255.255
Static (inside,outside) tcp 99.99.99.99 82 192.168.135.101 80 netmask 255.255.255.255
Static (inside,outside) tcp 99.99.99.99 83 192.168.135.102 80 netmask 255.255.255.255

access-list outside permit tcp any host 99.99.99.99 eq 81
access-list outside permit tcp any host 99.99.99.99 eq 82
access-list outside permit tcp any host 99.99.99.99 eq 83

access-group outside in interface outside

Assuming here that the intreface have the default names (inside and outside).
0
 
Mark2rAuthor Commented:
thanks for the reply ernie,

We upgraded our own ASA5510 to the latest firmware version

ASA version 8.4(1)
ASDM version 6.4(1)

and quess what, we now have the same as we have at our customer.
Any guess where the option could be to change the access rule dialogue?
0
 
Mark2rAuthor Commented:
i had a cisco support engineer take a look at it.

It turns out that it was a design change as of version 7.4

too bad :(

thanks for the help anyway!
0
 
Mark2rAuthor Commented:
Cisco support engineer had a look at the problem and told us it was a design feature
0
 
Ernie BeekExpertCommented:
Well, that's good to know for future reference.

And Thx for the points :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.