Do the configuration and Troubleshoting following by the following article:
https://supportforums.cisco.com/document/57701/asdm-access-troubleshooting
The Steps are:
1. download the ASDM file from the cisco website:
2. Create TFTP server, and upload this bin file to flash folder in ASA flash:
copy tftp flash:/
3. After the bin file has been uploaded to Flash successfully, do the following commands are:
http 192.168.64.0 255.255.255.0 inside
asdm image flash:/asdm-714.bin
4. In the internal Managment computer, use the IE and following IP:port to access the webserver:
5. Install the Java and ASDM-IDM software.
The brief content in this article are:
---------------------------------
INTRODUCTION
This document provides the basic configuration andtroubleshooting steps for Cisco ASDM access.
Cisco ASDM provides an intuitive graphical user interfacethat makes it easy to set up, configure and manage your Cisco securityappliances.
Cisco ASDM can run as a local application or as a Java WebStart application.
The following sections will provide an overview of thecommon issues faced in accessing Cisco ASDM.
BASIC CONFIGURATION
!-- Enable listening on port 443 --!
http server enable
!-- Define what subnets on what interface are allowed toaccess the ASDM--!
http <ipsubnet> <subnet mask> <interface>
!-- Specify an ASDM image in case of multiple images on theFlash --!
asdm image<path>
Example:
http server enable
http 192.168.1.0255.255.255.0 inside
asdm imageflash:/asdm-623.bin
Verification:
show asp table socket
Protocol Socket LocalAddress ForeignAddress State
SSL 0000375f 192.168.1.1:443 0.0.0.0:* LISTEN
!-- This shows that the ASA is listening on its interface onport 443 --!
TROUBLESHOOTINGMETHOD
Step 1: Verify if youcan ping the ASA from the PC/Laptop you can access it on.
Step 2: Check thatthe necessary configuration is in place
Commands:
show run http[check if http server is enabled, and http access is allowed on the interfaceyou are trying to access.]
show run asdm[check that an asdm image is mentioned, and the version is compatible with theASA image version.]
show flash [checkthat the asdm image mentioned is present in the flash.]
Step 3: Check thatthe ASA is listening for https requests on its interface
Commands:
show asp table socket [under Local Address, you should see<interface ip>:<http server port> and in a LISTEN state.
Step 4: If step 1 to 3 are correctly done, then you might beencountering one of the problems mentioned in the next section.
ACCESS ERRORS
[interface ip for all examples is 10.76.75.48]
ASDM Launcher Fails
ASDM access worked previously via https://10.76.75.48, butfails when using the shortcut on your desktop.
本文转自 zhangfang526 51CTO博客,原文链接:http://blog.51cto.com/zhangfang526/1774342
