ASA 5510 ASDM Does not run

Jameyw911

Technical User
Jun 2, 2010
1
US
I have a new Cisco ASA 5510 that I am setting up and getting ready to replace a PIX515-E with. I have most of it set up and did so using the CLI; however, there are a few things that I find easier to do in ASDM. I launch my browser and go to the IP address of the unit and the screen comes up with the choice to either download ASDM Launcher and start ASDM or run ASDM as a Java applet. If I click on the first one, it downloads and installs ASDM launcher. When I try to run ASDM from the launcher or as a Java app, I get the password prompts, enter the passwords, but then nothing else happens. If using the Java app, I have a browser window sitting there saying "DO NOT CLOSE". Using the launcher I see asdm-launcher.exe running in Task Manager but no user interface ever comes up.

I have checked: the http server is enabled and is good for my LAN IP addresses. I have reviewed the config numerous times. Anything I should be looking for?

Thanks in advance

Here is my config:

ASA Version 7.0(8)

!

hostname ASA
domain-name 000000.net
enable password mtO4nwfPTx1fNgNE encrypted
passwd mtO4nwfPTx1fNgNE encrypted
names
name aa.zzz.228.130 Internet
name xx.yy.145.254 LAN
dns-guard
interface Ethernet0/0
description Internet
shutdown
nameif Internet
security-level 0
ip address Internet 255.255.255.240
ospf cost 10
interface Ethernet0/1
description Local LAN
speed 100
duplex full
nameif LAN
security-level 100
ip address LAN 255.255.255.0
ospf cost 10
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
speed 100
nameif DMZ
security-level 100
ip address xx.yy.150.222 255.255.255.0
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
ftp mode passive
clock timezone cst -6
clock summer-time CDT recurring
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group icmp-type icmp-in
icmp-object redirect
icmp-object mask-request
icmp-object timestamp-request
icmp-object timestamp-reply
object-group icmp-type icmp-out
icmp-object parameter-problem
icmp-object source-quench
icmp-object echo
icmp-object echo-reply
object-group network BAD_IP
description Private and otherwise disallowed IP addresses
network-object 0.0.0.0 255.0.0.0
network-object 10.0.0.0 255.0.0.0
network-object 127.0.0.0 255.0.0.0
network-object 169.254.0.0 255.255.0.0
network-object 172.16.0.0 255.240.0.0
network-object 192.0.2.0 255.255.255.0
network-object 192.168.0.0 255.255.0.0
network-object 224.0.0.0 224.0.0.0
network-object host 0.0.0.0
network-object host 255.255.255.255
network-object 207.173.88.0 255.255.255.0
network-object 80.13.223.0 255.255.255.0
network-object 12.211.6.0 255.255.255.0
network-object 12.235.125.0 255.255.255.0
network-object 12.240.78.0 255.255.255.0
network-object host 61.56.69.18
network-object host 66.98.173.166
network-object host 62.104.23.40
network-object host 66.197.197.133
network-object host 151.189.20.30
network-object host 151.201.0.39
network-object host 212.5.86.163
network-object host 217.16.18.181
network-object host 218.25.10.28
network-object host 192.67.198.33
network-object host 66.34.130.197
network-object host 67.85.218.18
network-object host 65.75.151.191
network-object host 65.75.151.192
network-object host 60.26.216.105
network-object host 61.128.97.226
network-object host 61.159.225.194
network-object host 62.14.3.84
network-object host 62.94.0.8
network-object host 62.146.13.150
network-object host 62.193.206.8
network-object host 63.195.125.86
network-object host 63.240.230.10
network-object host 64.92.163.98
network-object host 64.94.226.153
network-object host 65.75.134.170
network-object host 66.90.84.101
network-object host 66.139.77.145
network-object host 69.50.180.164
network-object host 69.50.188.180
network-object host 69.93.44.252
network-object host 69.93.44.254
network-object host 70.84.0.181
network-object host 72.20.1.222
network-object host 72.20.27.182
network-object host 80.77.17.68
network-object host 195.225.176.31
network-object host 201.10.173.126
network-object host 202.177.16.121
network-object host 205.209.184.210
network-object host 205.209.188.190
network-object host 205.234.148.126
network-object host 211.35.218.90
network-object host 211.192.60.14
network-object host 213.155.197.138
network-object host 216.193.215.146
network-object host 216.253.169.137
network-object host 218.30.110.152
network-object host 220.65.106.100
network-object host 220.174.19.214
network-object host 12.129.232.114
network-object host 35.8.148.102
network-object host 35.11.230.211
network-object host 61.152.93.13
network-object host 61.152.108.11
network-object host 64.12.212.12
network-object host 64.25.134.145
network-object host 64.111.99.4
network-object host 64.111.110.243
network-object host 64.246.44.10
network-object host 64.246.168.50
network-object host 66.197.0.145
network-object host 66.197.163.245
network-object host 66.230.223.73
network-object host 67.15.64.93
network-object host 68.24.54.122
network-object host 68.186.110.158
network-object host 69.10.142.222
network-object host 80.239.178.111
network-object host 81.177.7.108
network-object host 128.2.102.65
network-object host 128.121.176.42
network-object host 130.132.78.103
network-object host 130.132.208.203
network-object host 131.159.72.15
network-object host 140.198.6.172
network-object host 140.198.85.16
network-object host 152.7.24.186
network-object host 192.98.49.2
network-object host 193.163.220.3
network-object host 194.68.45.50
network-object host 194.109.11.65
network-object host 194.117.194.75
network-object host 195.204.1.130
network-object host 204.251.15.170
network-object host 205.196.218.73
network-object host 207.36.201.65
network-object host 208.181.178.245
network-object host 210.51.170.8
network-object host 211.95.73.202
network-object host 211.100.26.182
network-object host 213.229.60.75
network-object host 213.248.54.204
network-object host 216.115.95.70
network-object host 216.153.169.137
network-object host 216.251.43.11
network-object host 217.75.98.140
network-object host 217.112.42.88
network-object host 219.133.143.155
network-object host 64.151.98.36
network-object host 70.85.49.52
network-object host 209.196.36.78
network-object host 211.119.137.198
network-object host 211.119.137.216
network-object host 216.205.76.7
network-object host 218.38.30.189
network-object 121.8.16.0 255.255.255.0
network-object 121.8.163.0 255.255.255.0
network-object 123.152.18.0 255.255.255.0
network-object 219.147.173.0 255.255.255.0
network-object 94.190.193.0 255.255.255.0
network-object 121.11.86.0 255.255.255.0
network-object 200.68.71.0 255.255.255.0
network-object 59.62.0.0 255.255.0.0
network-object 202.109.0.0 255.255.0.0
network-object 58.20.0.0 255.255.0.0
network-object 58.208.0.0 255.255.0.0
network-object 222.37.0.0 255.255.0.0
network-object 195.191.102.0 255.255.255.0
network-object 210.212.0.0 255.255.255.0
object-group service BLOCKED_PORTS tcp-udp
description Blocked ports due to virus, backdoors, and attacks
port-object range 1 19
port-object eq 37
port-object eq 42
port-object eq 63
port-object eq 67
port-object eq 69
port-object eq 79
port-object eq 81
port-object eq 82
port-object eq 93
port-object eq sunrpc
port-object eq 117
port-object eq 123
port-object range 135 139
port-object eq 161
port-object eq 162
port-object eq 420
port-object eq 445
port-object eq 512
port-object eq 513
port-object eq 514
port-object eq talk
port-object eq 518
port-object eq 540
port-object eq 541
port-object eq 550
port-object eq 593
port-object eq 665
port-object eq 666
port-object eq 707
port-object eq 777
port-object eq 778
port-object range 995 999
port-object eq 1001
port-object eq 1022
port-object eq 1023
port-object eq 1040
port-object eq 1042
port-object eq 1080
port-object eq 1214
port-object eq 1234
port-object eq 1434
port-object eq 1512
port-object eq 1900
port-object eq 2222
port-object eq 2283
port-object eq 2535
port-object eq 2556
port-object eq 2866
port-object eq 3000
port-object range 3127 3198
port-object eq 3332
port-object eq 3533
port-object eq 4000
port-object eq 4444
port-object range 4661 4662
port-object eq 4665
port-object eq 4751
port-object eq 4820
port-object eq 5000
port-object eq 5190
port-object eq 5300
port-object eq 5599
port-object eq 5800
port-object range 6000 6063
port-object eq 6129
port-object range 6345 6349
port-object range 6351 6352
port-object eq 6384
port-object range 6600 6699
port-object range 6711 6712
port-object eq 6776
port-object eq 6777
port-object eq 6789
port-object eq 7000
port-object eq 7777
port-object eq 7955
port-object eq 8866
port-object range 8875 8876
port-object eq 8888
port-object eq 8967
port-object eq 9010
port-object eq 9604
port-object range 9898 9899
port-object eq 10080
port-object eq 11311
port-object range 12345 12346
port-object eq 16660
port-object eq 17300
port-object eq 19937
port-object eq 22226
port-object eq 23005
port-object eq 23006
port-object eq 26000
port-object eq 27444
port-object eq 27665
port-object eq 30001
port-object eq 31335
port-object eq 31337
port-object eq 33270
port-object eq 39168
port-object range 63000 63001
port-object eq 65000
port-object eq 382
port-object eq 1034
port-object eq 2989
port-object range 5554 5555
port-object eq 9996
port-object eq 9999
port-object eq 12065
port-object eq 23232
port-object eq 28253
port-object range 28882 28883
port-object eq 32121
port-object eq 1433
port-object eq 10085
port-object eq 10087
port-object eq 1024
port-object eq 2000
port-object eq 5232
port-object eq 8000
port-object eq 10089
port-object eq 10102
port-object eq 10155
port-object eq 10487
port-object eq 12187
port-object eq 18354
port-object eq 145
port-object eq 321
port-object range 1080 1081
port-object range 1433 1434
port-object eq 1491
port-object eq 3306
port-object eq 3385
port-object eq 4242
port-object eq 4646
port-object eq 5136
port-object eq 5652
port-object eq 6556
port-object range 6564 6565
port-object eq 7043
port-object eq 8080
port-object eq 9000
port-object eq 9035
port-object eq 9515
port-object eq 10000
port-object eq 10100
port-object eq 12121
port-object eq 18067
port-object eq 20192
port-object eq 23523
port-object eq 27999
port-object eq 32440
port-object eq 39780
port-object eq 43287
port-object eq 65475
port-object range 5905 5999
port-object eq 6000
port-object eq 135
object-group network INSIDE_ADDRESSES
description Inside IP addresses in use
network-object bbb.t.50.0 255.255.255.0
network-object xx.yy.0.0 255.255.0.0
network-object xx.rrr.0.0 255.255.0.0
object-group network OUTSIDE_IP_BLOCKED
description Outside IP addresses to be blocked
network-object host aa.zzz.228.131
network-object host aa.zzz.228.132
network-object host aa.zzz.228.133
network-object host aa.zzz.228.134
network-object host aa.zzz.228.135
network-object host aa.zzz.228.136
network-object host aa.zzz.228.137
network-object host aa.zzz.228.138
network-object host aa.zzz.228.139
network-object host aa.zzz.228.140
network-object host aa.zzz.228.141
network-object host aa.zzz.228.142
object-group network INSIDE_IP_BLOCKED
description Inside IP addresses to be blocked
network-object host 100.1.50.10
network-object host xx.yy.150.10
network-object host xx.yy.150.11
network-object host xx.yy.150.50
network-object host xx.yy.158.10
network-object host xx.yy.170.10
object-group network DM_INLINE_NETWORK_1
network-object host 12.127.16.67
network-object host 12.127.16.68
network-object host 128.63.2.53
network-object host 128.8.10.90
network-object host 128.9.0.107
network-object host 192.112.36.4
network-object host 192.203.230.10
network-object host 192.33.4.12
network-object host 192.36.148.17
network-object host 192.5.5.241
network-object host 192.58.128.30
network-object host 193.0.14.129
network-object host 198.32.64.12
network-object host 198.41.0.4
network-object host 202.12.27.33
network-object host 4.2.2.2
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
access-list INTERNET_access_in remark Ping Traffic
access-list INTERNET_access_in extended permit icmp any any
access-list nonat extended permit ip host xx.yy.151.15 xx.yy.148.0 255.255.255.0
access-list nonat extended permit ip xx.yy.150.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list nonat extended permit ip 100.1.50.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list nonat extended permit ip host xx.yy.150.25 xx.yy.148.0 255.255.255.0
access-list nonat extended permit ip xx.yy.151.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list nonat extended permit ip xx.yy.152.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list nonat extended permit ip xx.yy.153.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list nonat extended permit ip xx.yy.154.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list nonat extended permit ip xx.yy.155.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list nonat extended permit ip xx.yy.156.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list nonat extended permit ip xx.yy.157.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list nonat extended permit ip xx.yy.158.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list nonat extended permit ip xx.yy.151.0 255.255.255.0 10.66.0.0 255.255.0.0
access-list nonat extended permit ip host xx.yy.151.15 xx.yy.147.0 255.255.255.0
access-list nonat extended permit ip xx.yy.150.0 255.255.255.0 xx.yy.147.0 255.255.255.0
access-list nonat extended permit ip xx.yy.151.0 255.255.255.0 10.78.0.0 255.255.0.0
access-list nonat extended permit ip host xx.yy.151.15 172.32.14.0 255.255.255.0
access-list nonat extended permit ip xx.yy.150.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list nonat extended permit ip 100.1.50.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list nonat extended permit ip host xx.yy.150.25 172.32.14.0 255.255.255.0
access-list nonat extended permit ip xx.yy.151.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list nonat extended permit ip xx.yy.152.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list nonat extended permit ip xx.yy.153.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list nonat extended permit ip xx.yy.154.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list nonat extended permit ip xx.yy.155.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list nonat extended permit ip xx.yy.156.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list nonat extended permit ip xx.yy.157.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list nonat extended permit ip xx.yy.158.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list nonat extended permit ip xx.yy.150.0 255.255.255.0 172.32.15.0 255.255.255.0
access-list nonat extended permit ip host xx.yy.151.15 172.34.14.0 255.255.255.0
access-list 80 extended permit ip xx.yy.150.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list 80 extended permit ip 100.1.50.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list 80 extended permit ip xx.yy.151.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list 80 extended permit ip xx.yy.152.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list 80 extended permit ip xx.yy.153.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list 80 extended permit ip xx.yy.154.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list 80 extended permit ip xx.yy.155.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list 80 extended permit ip xx.yy.156.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list 80 extended permit ip xx.yy.157.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list 80 extended permit ip xx.yy.158.0 255.255.255.0 xx.yy.148.0 255.255.255.0
access-list 80 extended permit ip xx.yy.150.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list 80 extended permit ip xx.yy.151.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list 80 extended permit ip xx.yy.0.0 255.255.0.0 172.32.14.0 255.255.255.0
access-list 80 extended permit ip 100.1.50.0 255.255.255.0 172.32.14.0 255.255.255.0
access-list ACL-OUT26 extended deny 53 any any
access-list ACL-OUT26 extended deny 55 any any
access-list ACL-OUT26 extended deny 77 any any
access-list ACL-OUT26 extended deny pim any any
access-list ACL-OUT26 extended deny tcp host 192.168.255.10 any eq ftp-data
access-list ACL-OUT26 extended deny udp host 192.168.255.10 any eq 20
access-list ACL-OUT26 extended permit tcp any gt 1023 any eq domain
access-list ACL-OUT26 extended permit udp any gt 1023 any eq domain
access-list ACL-OUT26 extended permit tcp host 192.168.255.10 eq
access-list ACL-OUT26 extended permit tcp host 192.168.255.10 eq https any
access-list ACL-OUT26 extended deny ip any any
access-list ACL-IN9 extended deny 53 any any
access-list ACL-IN9 extended deny 55 any any
access-list ACL-IN9 extended deny 77 any any
access-list ACL-IN9 extended deny pim any any
access-list ACL-IN9 extended deny icmp any any object-group icmp-in
access-list ACL-IN9 extended deny tcp any object-group OUTSIDE_IP_BLOCKED eq ftp-data
access-list ACL-IN9 extended deny tcp any object-group OUTSIDE_IP_BLOCKED eq ftp
access-list ACL-IN9 extended deny udp any object-group OUTSIDE_IP_BLOCKED eq 21
access-list ACL-IN9 extended permit esp any any
access-list ACL-IN9 extended permit udp any any eq isakmp
access-list ACL-IN9 extended permit udp any any eq 4500
access-list ACL-IN9 remark Router
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.140 eq telnet
access-list ACL-IN9 extended permit tcp host 216.237.216.10 eq 10000 any
access-list ACL-IN9 remark Tower Cam
access-list ACL-IN9 extended permit tcp any eq domain host aa.zzz.228.135
access-list ACL-IN9 remark Tower Cam
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.135 eq www
access-list ACL-IN9 remark Tower Cam
access-list ACL-IN9 extended permit udp any eq domain host aa.zzz.228.135
access-list ACL-IN9 remark Tower Cam
access-list ACL-IN9 extended permit udp any host aa.zzz.228.135 eq domain
access-list ACL-IN9 remark DNS 3
access-list ACL-IN9 extended permit tcp any eq domain host aa.zzz.228.136
access-list ACL-IN9 remark DNS 3
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.136 eq domain
access-list ACL-IN9 remark DNS 3
access-list ACL-IN9 extended permit udp any eq domain host aa.zzz.228.136
access-list ACL-IN9 remark DNS 3
access-list ACL-IN9 extended permit udp any host aa.zzz.228.136 eq domain
access-list ACL-IN9 remark DNS 2
access-list ACL-IN9 extended permit tcp any eq domain host aa.zzz.228.137
access-list ACL-IN9 extended permit udp any host aa.zzz.228.137 eq domain
access-list ACL-IN9 remark Email
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.131 eq smtp
access-list ACL-IN9 remark Email
access-list ACL-IN9 extended permit tcp any eq smtp host aa.zzz.228.131
access-list ACL-IN9 extended permit udp any host aa.zzz.228.131 eq 587
access-list ACL-IN9 remark Email
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.131 eq pop3
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.131 eq imap4
access-list ACL-IN9 remark Email
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.131 eq 1000
access-list ACL-IN9 remark Email
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.131 eq 3000
access-list ACL-IN9 remark Email
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.131 eq www
access-list ACL-IN9 remark DMZ
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.132 eq https
access-list ACL-IN9 remark Echolink
access-list ACL-IN9 extended permit udp any host aa.zzz.228.142 range 5198 5199
access-list ACL-IN9 remark Echolink
access-list ACL-IN9 extended permit udp any range 5198 5199 host aa.zzz.228.142
access-list ACL-IN9 remark Echolink
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.142 eq 5200
access-list ACL-IN9 remark Echolink
access-list ACL-IN9 extended permit tcp any eq 5200 host aa.zzz.228.142
access-list ACL-IN9 remark Echolink
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.142 eq 8080
access-list ACL-IN9 remark DNS 1
access-list ACL-IN9 extended permit udp any host aa.zzz.228.134 eq domain
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.138 range 3000 cifs
access-list ACL-IN9 extended permit tcp any range 3000 cifs host aa.zzz.228.138
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.138 eq 3500
access-list ACL-IN9 extended permit tcp any eq 3500 host aa.zzz.228.138
access-list ACL-IN9 extended permit udp any host aa.zzz.228.138 range 3000 cifs
access-list ACL-IN9 extended permit udp any range 3000 cifs host aa.zzz.228.138
access-list ACL-IN9 extended permit udp any host aa.zzz.228.138 eq 3500
access-list ACL-IN9 extended permit udp any eq 3500 host aa.zzz.228.138
access-list ACL-IN9 extended permit tcp host 216.237.216.23 range 2056 2057 host aa.zzz.228.139
access-list ACL-IN9 extended permit udp host 216.237.216.23 range 2056 2057 host aa.zzz.228.139
access-list ACL-IN9 extended permit tcp host 216.237.216.23 host aa.zzz.228.139 range 2056 2057
access-list ACL-IN9 extended permit udp host 216.237.216.23 host aa.zzz.228.139 range 2056 2057
access-list ACL-IN9 extended permit udp host aa.zzz.228.129 gt 30000 host aa.zzz.228.141 eq snmptrap
access-list ACL-IN9 extended deny tcp any any eq www
access-list ACL-IN9 extended deny udp any any eq www
access-list ACL-IN9 extended deny udp any object-group OUTSIDE_IP_BLOCKED eq 20
access-list ACL-IN9 remark Router
access-list ACL-IN9 remark Tower Cam
access-list ACL-IN9 remark Tower Cam
access-list ACL-IN9 remark Tower Cam
access-list ACL-IN9 remark Tower Cam
access-list ACL-IN9 remark DNS 3
access-list ACL-IN9 remark DNS 3
access-list ACL-IN9 remark DNS 3
access-list ACL-IN9 remark DNS 3
access-list ACL-IN9 remark DNS 2
access-list ACL-IN9 remark DNS 2
access-list ACL-IN9 extended permit tcp any host aa.zzz.228.137 eq domain
access-list ACL-IN9 remark DNS 2
access-list ACL-IN9 extended permit udp any eq domain host aa.zzz.228.137
access-list ACL-IN9 remark DNS 2
access-list ACL-IN9 remark Email
access-list ACL-IN9 remark Email
access-list ACL-IN9 remark Email
access-list ACL-IN9 remark Email
access-list ACL-IN9 remark Email
access-list ACL-IN9 remark Email
access-list ACL-IN9 remark DMZ
access-list ACL-IN9 remark Echolink
access-list ACL-IN9 remark Echolink
access-list ACL-IN9 remark Echolink
access-list ACL-IN9 remark Echolink
access-list ACL-IN9 remark Echolink
access-list ACL-IN9 remark DNS 1
access-list ACL-OUT2 extended deny 53 any any
access-list ACL-OUT2 extended deny 55 any any
access-list ACL-OUT2 extended deny 77 any any
access-list ACL-OUT2 extended deny pim any any
access-list ACL-OUT2 extended permit icmp any any object-group icmp-out
access-list ACL-OUT2 extended deny icmp any any
access-list ACL-OUT2 extended deny ip any object-group BAD_IP
access-list ACL-OUT2 extended deny tcp object-group INSIDE_IP_BLOCKED any eq ftp-data
access-list ACL-OUT2 extended deny udp object-group INSIDE_IP_BLOCKED any eq 20
access-list ACL-OUT2 extended deny tcp object-group INSIDE_IP_BLOCKED any eq ftp
access-list ACL-OUT2 extended deny udp object-group INSIDE_IP_BLOCKED any eq 21
access-list ACL-OUT2 extended deny ip any host 66.34.130.197
access-list ACL-OUT2 extended permit esp any any
access-list ACL-OUT2 extended permit udp any any eq isakmp
access-list ACL-OUT2 extended permit udp any any eq 4500
access-list ACL-OUT2 extended permit tcp host xx.yy.145.1 eq telnet any
access-list ACL-OUT2 extended permit tcp any host 216.54.213.20 eq 10000
access-list ACL-OUT2 extended permit tcp host xx.yy.155.20 any eq 137
access-list ACL-OUT2 extended permit tcp host xx.yy.155.20 any eq 445
access-list ACL-OUT2 extended permit tcp host xx.yy.155.21 any eq 137
access-list ACL-OUT2 extended permit tcp host xx.yy.155.21 any eq 445
access-list ACL-OUT2 extended permit tcp host 100.1.50.10 any eq domain
access-list ACL-OUT2 extended permit udp host 100.1.50.10 eq domain any
access-list ACL-OUT2 extended permit udp host 100.1.50.10 any eq domain
access-list ACL-OUT2 extended permit tcp host xx.yy.150.10 eq domain any
access-list ACL-OUT2 extended permit tcp host xx.yy.150.10 any eq domain
access-list ACL-OUT2 extended permit udp host xx.yy.150.10 eq domain any
access-list ACL-OUT2 extended permit udp host xx.yy.150.10 any eq domain
access-list ACL-OUT2 extended permit tcp host xx.yy.150.11 eq domain any
access-list ACL-OUT2 extended permit tcp host xx.yy.150.11 any eq domain
access-list ACL-OUT2 extended permit udp host xx.yy.150.11 eq domain any
access-list ACL-OUT2 extended permit udp host xx.yy.150.11 any eq domain
access-list ACL-OUT2 extended permit tcp object-group INSIDE_ADDRESSES gt 1023 any eq domain
access-list ACL-OUT2 extended permit udp object-group INSIDE_ADDRESSES gt 1023 any eq domain
access-list ACL-OUT2 extended permit tcp host xx.yy.150.50 any eq smtp
access-list ACL-OUT2 extended permit tcp host xx.yy.150.50 eq pop3 any
access-list ACL-OUT2 extended permit tcp host xx.yy.150.50 eq imap4 any eq imap4
access-list ACL-OUT2 extended permit tcp host xx.yy.150.50 eq 3000 any
access-list ACL-OUT2 extended permit udp host xx.yy.153.5 range 5198 5199 any
access-list ACL-OUT2 extended permit udp host xx.yy.153.5 any range 5198 5199
access-list ACL-OUT2 extended permit tcp host xx.yy.153.5 eq 5200 any
access-list ACL-OUT2 extended permit tcp host xx.yy.153.5 any eq 5200
access-list ACL-OUT2 extended permit tcp host xx.yy.153.5 eq 8080 any
access-list ACL-OUT2 extended permit tcp host xx.yy.153.5 any eq 8080
access-list ACL-OUT2 extended permit tcp host xx.yy.153.6 any eq 8100
access-list ACL-OUT2 extended permit tcp host xx.yy.153.6 eq 8100 any
access-list ACL-OUT2 extended permit tcp host xx.yy.151.5 host 216.237.216.23 range 2056 2057
access-list ACL-OUT2 extended permit udp host xx.yy.158.10 any range 3000 cifs
access-list ACL-OUT2 extended permit tcp host xx.yy.158.10 range 3000 cifs any
access-list ACL-OUT2 extended permit tcp host xx.yy.158.10 any range 3000 cifs
access-list ACL-OUT2 extended permit udp host xx.yy.158.10 eq 3500 any
access-list ACL-OUT2 extended permit udp host xx.yy.158.10 any eq 3500
access-list ACL-OUT2 extended permit tcp host xx.yy.158.10 eq 3500 any
access-list ACL-OUT2 extended permit tcp host xx.yy.158.10 any eq 3500
access-list ACL-OUT2 extended deny tcp any any object-group BLOCKED_PORTS
access-list ACL-OUT2 extended deny udp any any object-group BLOCKED_PORTS
access-list ACL-OUT2 extended permit tcp object-group INSIDE_ADDRESSES gt 1023 any lt 1024
access-list ACL-OUT2 extended permit tcp object-group INSIDE_ADDRESSES gt 1023 any gt 1023
access-list ACL-OUT2 extended permit udp object-group INSIDE_ADDRESSES any range 33400 34400
access-list ACL-OUT2 extended permit udp object-group INSIDE_ADDRESSES any
access-list ACL-OUT2 extended deny ip any any
access-list ACL-OUT2 extended permit udp host xx.yy.151.5 host 216.237.216.23 range 2056 2057
access-list ACL-OUT2 extended permit udp host xx.yy.158.10 range 3000 cifs any
access-list 70 extended permit ip host xx.yy.151.15 xx.yy.148.0 255.255.255.0
access-list 70 extended permit ip host xx.yy.150.11 xx.yy.148.0 255.255.255.0
access-list 70 extended permit ip host xx.yy.150.25 xx.yy.148.0 255.255.255.0
access-list 70 extended permit ip host xx.yy.151.15 172.32.14.0 255.255.255.0
access-list 70 extended permit ip host xx.yy.150.11 172.32.14.0 255.255.255.0
access-list 70 extended permit ip host xx.yy.150.25 172.32.14.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.150.11 xx.yy.148.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.152.20 xx.yy.148.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.152.21 xx.yy.148.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.152.101 xx.yy.148.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.152.102 xx.yy.148.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.152.103 xx.yy.148.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.152.104 xx.yy.148.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.152.105 xx.yy.148.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.152.106 xx.yy.148.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.152.107 xx.yy.148.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.152.108 xx.yy.148.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.152.109 xx.yy.148.0 255.255.255.0
access-list 78 extended permit ip host xx.yy.152.110 xx.yy.148.0 255.255.255.0
access-list 85 extended permit ip host xx.yy.150.11 xx.yy.148.0 255.255.255.0
access-list 85 extended permit ip host xx.yy.150.60 xx.yy.148.0 255.255.255.0
access-list 85 extended permit ip host xx.yy.150.61 xx.yy.148.0 255.255.255.0
access-list 85 extended permit ip host xx.yy.150.62 xx.yy.148.0 255.255.255.0
access-list 85 extended permit ip host xx.yy.150.65 xx.yy.148.0 255.255.255.0
pager lines 24
logging list test level warnings
logging asdm warnings
logging facility 16
logging class config monitor debugging
logging class ip monitor debugging
logging class sys monitor debugging
logging class vpn monitor debugging
mtu Internet 1500
mtu LAN 1500
mtu DMZ 1500
mtu management 1500

ip local pool VPNPOOL3 xx.yy.148.0-xx.yy.148.254
ip local pool VPNPOOL4 xx.yy.147.20-xx.yy.147.25
ip local pool WINVPN 172.32.14.1-172.32.14.100 mask 255.255.255.0
no failover
icmp permit any Internet
asdm image disk0:/asdm-508.bin
asdm history enable
arp timeout 14400
nat-control
global (Internet) 1 interface
global (Internet) 3 aa.zzz.228.139 netmask 255.255.255.255
global (Internet) 4 aa.zzz.228.140 netmask 255.255.255.255
nat (LAN) 0 access-list nonat
nat (LAN) 1 xx.yy.145.0 255.255.255.0
nat (LAN) 1 xx.yy.149.0 255.255.255.0
nat (LAN) 1 xx.yy.150.0 255.255.255.0
nat (LAN) 1 xx.yy.151.0 255.255.255.0
nat (LAN) 1 xx.yy.152.0 255.255.255.0
nat (LAN) 1 xx.yy.153.0 255.255.255.0
nat (LAN) 1 xx.yy.154.0 255.255.255.0
nat (LAN) 1 xx.yy.155.0 255.255.255.0
nat (LAN) 1 xx.yy.156.0 255.255.255.0
nat (LAN) 1 xx.yy.157.0 255.255.255.0
nat (LAN) 1 xx.yy.158.0 255.255.255.0
nat (LAN) 1 100.1.50.0 255.255.255.0
nat (LAN) 1 172.32.14.0 255.255.255.0
nat (LAN) 1 xx.yy.0.0 255.255.0.0
nat (LAN) 1 10.254.0.0 255.255.0.0
nat (LAN) 1 0.0.0.0 0.0.0.0
static (LAN,Internet) udp aa.zzz.228.142 5198 xx.yy.170.10 5198 netmask 255.255.255.255
static (LAN,Internet) udp aa.zzz.228.142 5199 xx.yy.170.10 5199 netmask 255.255.255.255
static (LAN,Internet) tcp aa.zzz.228.142 5200 xx.yy.170.10 5200 netmask 255.255.255.255
static (LAN,Internet) tcp aa.zzz.228.142 8080 xx.yy.170.10 8080 netmask 255.255.255.255
static (LAN,Internet) aa.zzz.228.134 xx.yy.150.11 netmask 255.255.255.255
static (LAN,Internet) aa.zzz.228.131 xx.yy.150.50 netmask 255.255.255.255
static (LAN,Internet) aa.zzz.228.132 192.168.255.10 netmask 255.255.255.255
static (LAN,Internet) aa.zzz.228.135 xx.yy.158.10 netmask 255.255.255.255
static (LAN,Internet) aa.zzz.228.138 xx.yy.153.35 netmask 255.255.255.255
static (LAN,Internet) aa.zzz.228.140 xx.yy.145.1 netmask 255.255.255.255
access-group ACL-IN9 in interface Internet
access-group ACL-OUT2 in interface LAN
route Internet 0.0.0.0 0.0.0.0 aa.zzz.228.129 1
route LAN bbb.t.50.0 255.255.255.0 xx.yy.145.1 1
route LAN rr.eee.254.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.170.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.165.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.158.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.157.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.156.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.155.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.154.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.153.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.152.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.151.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.150.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.149.0 255.255.255.0 xx.yy.145.1 1
route LAN xx.yy.0.0 255.255.0.0 xx.yy.145.1 1
timeout xlate 0:10:00
timeout conn 0:10:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
group-policy SSLVPN internal
group-policy SSLVPN attributes
vpn-simultaneous-logins 10
vpn-idle-timeout none
vpn-session-timeout none
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 70
webvpn
group-policy TCIPolicy internal
group-policy TCIPolicy attributes
banner value Morgan County 911
dns-server value xx.yy.150.11
vpn-filter value 78
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 78
webvpn
group-policy 911Policy1 internal
group-policy 911Policy1 attributes
dns-server value xx.yy.150.11
vpn-simultaneous-logins 100
vpn-idle-timeout none
vpn-session-timeout none
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 80
default-domain value morgan911.net
webvpn
group-policy MDTPolicy internal
group-policy MDTPolicy attributes
dns-server value xx.yy.150.11
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 70
default-domain value morgan911.net
webvpn
url-server (LAN) vendor websense host xx.yy.150.15 timeout 30 protocol TCP version 1 connections 20
url-cache src_dst 128
filter url except xx.yy.150.101 255.255.255.255 0.0.0.0 0.0.0.0 allow
filter url except xx.yy.150.100 255.255.255.255 0.0.0.0 0.0.0.0 allow
filter url except xx.yy.150.95 255.255.255.255 0.0.0.0 0.0.0.0 allow
filter ftp 21 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
filter url http bbb.t.50.0 255.255.255.0 0.0.0.0 0.0.0.0 allow
filter url http xx.yy.151.0 255.255.255.0 0.0.0.0 0.0.0.0 allow
filter url http xx.yy.152.0 255.255.255.0 0.0.0.0 0.0.0.0
filter url http xx.yy.150.0 255.255.255.0 0.0.0.0 0.0.0.0 allow
filter url http xx.yy.156.0 255.255.255.0 0.0.0.0 0.0.0.0 allow
http server enable
http xx.yy.148.0 255.255.255.0 LAN
http xx.yy.150.0 255.255.255.0 LAN
http bbb.t.48.0 255.255.248.0 LAN
http xx.yy.0.0 255.255.0.0 LAN
http 0.0.0.0 0.0.0.0 LAN
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map LAN_dyn_map 1 set transform-set ESP-3DES-SHA
crypto dynamic-map LAN_dyn_map 1 set security-association lifetime seconds 28800
crypto dynamic-map LAN_dyn_map 1 set security-association lifetime kilobytes 4608000
crypto dynamic-map cisco 10 set security-association lifetime seconds 28800
crypto dynamic-map cisco 10 set security-association lifetime kilobytes 4608000
crypto map INTERNET_map 65535 set security-association lifetime seconds 28800
crypto map INTERNET_map 65535 set security-association lifetime kilobytes 4608000
crypto map LAN_map 65535 ipsec-isakmp dynamic LAN_dyn_map
crypto map LAN_map interface LAN
crypto ca trustpoint ASDM_TrustPoint0
enrollment self
fqdn MorganASA
subject-name CN=MorganASA
crl configure
crypto ca trustpoint ASDM_TrustPoint1
enrollment self
fqdn DecPIX
subject-name CN=MorganASA
crl configure
crypto ca trustpoint trustpoint
enrollment retry period 2
enrollment retry count 3
crl configure
isakmp enable Internet
isakmp enable LAN
isakmp ipsec-over-tcp port 10000
tunnel-group DefaultRAGroup general-attributes
address-pool (Internet) VPNPOOL
no vpn-addr-assign aaa
no vpn-addr-assign dhcp
telnet xx.yy.0.0 255.255.0.0 LAN
telnet timeout 20
ssh 0.0.0.0 0.0.0.0 Internet
ssh timeout 60
ssh version 1
console timeout 0
management-access LAN
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd lease 3600
dhcpd ping_timeout 50
dhcpd enable management
class-map inspection_default
match default-inspection-traffic
policy-map global_policy
class inspection_default
inspect dns maximum-length 512
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect http
service-policy global_policy global
url-block url-mempool 1500
url-block url-size 4
url-block block 30
ntp server xx.yy.150.21 source LAN prefer
 
The first thing I would do is update the ASA to 8.2.2 code and update the ASDM.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Could be the version of Java. I know I have had issues with the newer ones with some of my Java applets and unsigned Java code, so I had to go back to older versions.

Currently running V6Update17 with no issues.

Recently gone from 8.2 to 8.3 though. If you do go to the 8.3 version, you have to make sure your unit has 2GB RAM, unlike the older version, which needs a lot less. There are quite a few code changes in 8.3 too, so I would read the update notes beforehand.

 