Help enabling http access for Cisco ASA - (ET)

I'm having trouble enabling http on my Cisco ASA. I am trying to do this so i can download and use the Cisco ASDM.

You'll see in the screenshot i already ran
http server enable
http inside

however when i try try to browse to my device the page still wont open.
I tried browsing to it using the following

None of these are working.

cisco asa ssh
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Do you have asdm image specified?
tabushAuthor Commented:
Not that i'm aware of. What's that for and how to i set that?
Do "sh run | i asdm". If nothing comes up, check flash for asdm image "sh flash" and then configure it with "asdm image disk0:/asdm-xxx.bin".
CompTIA Security+

Learn the essential functions of CompTIA Security+, which establishes the core knowledge required of any cybersecurity role and leads professionals into intermediate-level cybersecurity jobs.

I also see aaa only for ssh. You will need one https too.
aaa authentication http console LOCAL
Pete LongTechnical ConsultantCommented:
Michael OrtegaSales & Systems EngineerCommented:
I see your SNMP info points to a host on Can we assume that the internal/private subnet that you're trying to access the ASDM on is actually on the as well?

Feroz AhmedSenior Network Security  / Senior System EngineerCommented:

You are missing a very useful wivered syntax in ASA always you have apply this Syntax in Policy unless and untill you define in policy  you will not be able to access http Server whereas in Router it works with the given syntax .So,plz follow these steps in order to Access http Server.

ASA(Config-t) #Policy-Map Global_policy
ASA(Config-t)#class inspection_default
ASA(Config-t)#Inspect http

It should work if you apply this Syntax on ASA Configuration Mode.
Pete LongTechnical ConsultantCommented:
http inspection does not have to be on, to access the ASDM?

heres. mine

PetesASA# show run policy-map
policy-map type inspect dns preset_dns_map
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect rsh 
  inspect rtsp 
  inspect sqlnet 
  inspect skinny  
  inspect sunrpc 
  inspect xdmcp 
  inspect sip  
  inspect netbios 
  inspect tftp 
  inspect icmp 
  inspect ipsec-pass-thru 
  inspect ip-options 
  inspect pptp 
 class class-default
  set connection decrement-ttl

Open in new window

And the ASDM works fine?

Service policies and ACLs (with one exception) on ASA are for the pass through traffic. The traffic directed at ASA itself isn't filtered by them.  One exception to ACLs is the keyword "control-plane" which allows to filter control-plane traffic destined to ASA.
tabushAuthor Commented:
Thanks everyone for your answers. I am still having trouble though.
@sim50. Yes it does look like it was enabled. See screenshot. Not sure if "no asdm history enabled" is an issue.
ASDM image file
I also ran this command however dont think helped: aaa authentication http console LOCAL
Or is there a different command i should run for enabling https?

@michael. Yes i am trying to connect from a computer in that subnet.

@Feroz. I ran the first 2 commands however i'm hesitant to run the third because i dont know what affect it will have on my network.
What page do you get when you go to
What's your current version on ASA? sh ver
ASDM 5.22 is very old.

aaa authentication http console LOCAL - this configures authentication so you could login with the local user name/pw.
tabushAuthor Commented:
Software version 8.2 (5) 59

I get "this webpage cannot be found" from IE.
Chrome says "404 Not Found. The requested URL /admin/public/index.html was not found on this server."
That version of ASDM is not compatible with your ASA version. Download newer version from, upload it and do the following:
no asdm image disk0:/asdm-522.bin
asdm image disk0:/asdm-xxx.bin

asdm-xxx.bin is the new file.
Michael OrtegaSales & Systems EngineerCommented:

You should update the System and ASDM software. That version is quite old. Can you serial into the device and update the software via TFTP?

tabushAuthor Commented:
thank you.
That might be the only option however we're going to leave it on the current version. We're planning on replacing it very soon and dont want to make any big changes before we do so.
You don't need to upgrade ASA image, just ASDM image. ASA image upgrade is optional.
tabushAuthor Commented:
Are you able to attach that image file to this thread? This device doesnt have an active license with cisco so cannot login and download it.
Michael OrtegaSales & Systems EngineerCommented:

Yes, you don't need  to update the system image, which is why I only mentioned that you should update the system image as well as the ASDM image.

Attached is a recent ASDM image. Just rename it from .txt to .bin.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Muhannad AbushammaCommented:
Dear Tabush,

Try to reset the rsa keys, and test again.

Also it will be great if you provide me with show run all output.

tabushAuthor Commented:
thank you for your help
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.