-
1
- #1
Hello,
I read that you have to access ASDM off the management port. When i RJ45 into management port and set static IP on my nic card, I get nothing from Here is my current config.
ASA Version 8.6(1)
!
hostname URCORPASA1
enable password blahblahblah encrypted
passwd blahblah encrypted
names
!
interface GigabitEthernet0/0
description Primary Internet / Comcast
nameif OutsideComcast
security-level 0
ip address 192.168.28.224 255.255.254.0 standby 192.168.28.225
!
interface GigabitEthernet0/1
description Secondary Internet / Integra
nameif OutsideIntegra
security-level 0
ip address 70.102.14.194 255.255.255.252
!
interface GigabitEthernet0/2
description LAN/STATE Failover Interface
!
interface GigabitEthernet0/3
nameif Inside
security-level 100
ip address 10.10.10.1 255.255.0.0 standby 10.10.10.2
!
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/5
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
!
boot system disk0:/asa861-smp-k8.bin
ftp mode passive
object network PATToComcast
subnet 10.0.0.0 255.0.0.0
pager lines 24
mtu OutsideComcast 1500
mtu OutsideIntegra 1500
mtu Inside 1500
mtu management 1500
failover
failover lan unit secondary
failover lan interface failover GigabitEthernet0/2
failover key *****
failover replication http
failover mac address GigabitEthernet0/1 a44c.1129.af06 a44c.1129.e4a0
failover mac address GigabitEthernet0/3 a44c.1129.af07 a44c.1129.e4a1
failover link failover GigabitEthernet0/2
failover interface ip failover 10.10.1.1 255.255.255.0 standby 10.10.1.2
no monitor-interface OutsideComcast
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-66114.bin
asdm history enable
arp timeout 14400
!
object network PATToComcast
nat (Inside,OutsideComcast) dynamic interface
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd ping_timeout 750
!
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl encryption des-sha1
webvpn
csd image disk0:/csd_3.5.2008-k9.pkg
anyconnect image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 1
anyconnect image disk0:/anyconnect-linux-2.5.2014-k9.pkg 2
anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 3
username TriZe password blahblah encrypted
!
!
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http destination address email callhome@cisco.com
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly 21
subscribe-to-alert-group configuration periodic monthly 21
subscribe-to-alert-group telemetry periodic daily
: end
I dont see anything i have done wrong, any help here would be great. I am new to the ASA's.
Thanks
Nate
I read that you have to access ASDM off the management port. When i RJ45 into management port and set static IP on my nic card, I get nothing from Here is my current config.
ASA Version 8.6(1)
!
hostname URCORPASA1
enable password blahblahblah encrypted
passwd blahblah encrypted
names
!
interface GigabitEthernet0/0
description Primary Internet / Comcast
nameif OutsideComcast
security-level 0
ip address 192.168.28.224 255.255.254.0 standby 192.168.28.225
!
interface GigabitEthernet0/1
description Secondary Internet / Integra
nameif OutsideIntegra
security-level 0
ip address 70.102.14.194 255.255.255.252
!
interface GigabitEthernet0/2
description LAN/STATE Failover Interface
!
interface GigabitEthernet0/3
nameif Inside
security-level 100
ip address 10.10.10.1 255.255.0.0 standby 10.10.10.2
!
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/5
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
!
boot system disk0:/asa861-smp-k8.bin
ftp mode passive
object network PATToComcast
subnet 10.0.0.0 255.0.0.0
pager lines 24
mtu OutsideComcast 1500
mtu OutsideIntegra 1500
mtu Inside 1500
mtu management 1500
failover
failover lan unit secondary
failover lan interface failover GigabitEthernet0/2
failover key *****
failover replication http
failover mac address GigabitEthernet0/1 a44c.1129.af06 a44c.1129.e4a0
failover mac address GigabitEthernet0/3 a44c.1129.af07 a44c.1129.e4a1
failover link failover GigabitEthernet0/2
failover interface ip failover 10.10.1.1 255.255.255.0 standby 10.10.1.2
no monitor-interface OutsideComcast
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-66114.bin
asdm history enable
arp timeout 14400
!
object network PATToComcast
nat (Inside,OutsideComcast) dynamic interface
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd ping_timeout 750
!
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl encryption des-sha1
webvpn
csd image disk0:/csd_3.5.2008-k9.pkg
anyconnect image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 1
anyconnect image disk0:/anyconnect-linux-2.5.2014-k9.pkg 2
anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 3
username TriZe password blahblah encrypted
!
!
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http destination address email callhome@cisco.com
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly 21
subscribe-to-alert-group configuration periodic monthly 21
subscribe-to-alert-group telemetry periodic daily
: end
I dont see anything i have done wrong, any help here would be great. I am new to the ASA's.
Thanks
Nate