Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Initial ASA 5505 config issues

Initial ASA 5505 config issues 8 years 1 month ago #27814

  • nwally
  • nwally's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Karma: 0
Good Day everyone,

I am configuring 2 new ASA 5505's for a customer and i am running into an issue. I can log in to the default config of the ASA without an issue from my laptop and make the initial configs. When i apply the new IP's tho the ASA it disconnects me (as expected). When i try to re log into the ASA using the new inside IP, i can't connect. This ASA is not part of a network yet. We are switching ISP's and this is the only device hooked so far to the new ISP Switch. (we have not cutover yet.) I changed the IP of my laptop to coincide with the new ip of the switch and i and i cant connect. I can ping the device but i can't get in through the GUI. I am not strong in command line but i know how to connect through the console and get a config if that will help someone help me.

Thanks :D
The administrator has disabled public write access.

Re: Initial ASA 5505 config issues 8 years 1 month ago #27815

  • nwally
  • nwally's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Karma: 0
bhasa# show run
: Saved
:
ASA Version 7.2(4)
!
hostname bhasa
domain-name hiliter1
enable password bD64fUX92Sg7RWg7 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Vlan1
description Gateway
nameif inside
security-level 100
ip address 10.0.0.1 255.0.0.0
!
interface Vlan2
description Internet
nameif outside
security-level 0
ip address xx.xxx.202.65 255.255.255.240
!
interface Vlan3
no forward interface Vlan1
nameif dmz
security-level 50
no ip address
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
ftp mode passive
dns server-group DefaultDNS
domain-name hiliter1
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu dmz 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
global (outside) 1 10.0.0.2-10.0.0.254 netmask 255.0.0.0
nat (inside) 1 0.0.0.0 0.0.0.0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
!

!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:8caf4638b21af3eb8bb345b5532bf06b
The administrator has disabled public write access.

Re: Initial ASA 5505 config issues 8 years 1 month ago #27827

  • Patiot
  • Patiot's Avatar
  • Offline
  • Frequent Member
  • Posts: 45
  • Karma: 0
I think you are talking about ASDM, if so here is what you have to do .


From the output that you posted :

http server enable
http 192.168.1.0 255.255.255.0 inside ----> enables asdm access from 192.168.1.0 network .

Solution :

Say you change the ip from 192.168.1.0 to 192.168.10.0

Then you need to add

http 192.168.10.0 255.255.255.0 inside

Thanks
PAtiot
The administrator has disabled public write access.
Time to create page: 0.078 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup