Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Test ASA if it is listening on Port 80 or 443

Posted on 2014-12-17
5
Medium Priority
?
529 Views
Last Modified: 2015-02-04
I have the ASA firewall configured as http server, so that it will allow the computer located in Network 192.168.61.0/24 to run ASDM and access ASA, and it works perfect.

 
ciscoasa# sh run | include http
http server enable
http 192.168.61.0 255.255.255.0 inside

However when I test the inside interface (through which ASDM session is coming through), if it is listening on port 80 or port 443, it does not reply for TCP , but it does reply on Ping request

Ping TCP:
ciscoasa# ping tcp  192.168.62.6 80
Type escape sequence to abort.
No source specified. Pinging from identity interface.
Sending 5 TCP SYN requests to 192.168.62.6 port 80
from 192.168.62.6, timeout is 2 seconds:
?????
Success rate is 0 percent (0/5)
ciscoasa#

Open in new window



Ping IP:
ciscoasa# ping 192.168.62.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.62.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
ciscoasa#

Open in new window



any help will be  very much appreciated.

Thanks
0
Comment
Question by:jskfan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 28

Assisted Solution

by:asavener
asavener earned 800 total points
ID: 40507776
You should have a management address, which is different from the various interface addresses.
0
 

Author Comment

by:jskfan
ID: 40508240
I am accessing ASA inside interface. It got to be the Management interface. Correct ?
I am also connecting with ASDM to ASA using the ASA inside interface IP address.
0
 

Author Comment

by:jskfan
ID: 40513176
I fixed the problem...
I needed to NAT the IP address of the Web Server to the Outside interface
0
 
LVL 5

Accepted Solution

by:
Feroz Ahmed earned 1200 total points
ID: 40589399
Hi ,

As it is listening on port 80,443 you can just do modifications on Server from where you are trying to access ASDM at OS level.Login to WebServer to Registry and make modifications on following path as below :

HKLM---------System---------Currentcontrolset-----Services--------LSA on right hand side you will see RestrictAnonymousSam (by default its value is set to 0 you can change the value to 1 or 2 depending on Operating System on your webserver.If it is Win2k the value should be 1 and if it is win2k3 then the value should be 2 just do the modifications and restart your web server and now try on ASA whether you are able to listen on port 80,443 just try once and see).
0
 

Author Closing Comment

by:jskfan
ID: 40590180
I thought I closed the Question:
I fixed the problem...
 I needed to NAT the IP address of the Web Server to the Outside interface

Thank you
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This past year has been one of great growth and performance for OnPage. We have added many features and integrations to the product, making 2016 an awesome year. We see these steps forward as the basis for future growth.
As managed cloud service providers, we often get asked to intervene when cloud deployments go awry. Attracted by apparent ease-of-use, flexibility and low computing costs, companies quickly adopt leading public cloud platforms such as Amazon Web Ser…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question