ASA 5505 ASDM Startup Wizard - does it work at all?

I got a Cisco ASA 5505 with Cisco Adaptive Security Appliance Software Version 7.2(2). Normally I always configure my equipment through CLI, but since it is my first ASA I thought I would give the advertised Startup Wizard a try.

First thing I tried was setting the internal and external IP addresses. Guess what: it didn't work! My settings had no effect at all. They were completely and utterly ignored.

- Try 1: entered 192.168.14.1 as IP address for inside, fixed public IP address for outside, proceeded to the DHCP page, tried to enter a matching DHCP range - up pops the error message: "Your DHCP range must fit within your internal address range 192.168.1.1-192.168.1.254". Went back in the Wizard, and sure enough, the inside and outside interfaces had reverted to 192.168.1.1 and DHCP, respectively.

- Try 2: entered 192.168.14.1 as IP address for inside, pushed "Finish" immediately to force the change into the device. No joy, the thing responded with a message: "no changes made".

Is it just me, or is this so-called Wizard really unable to make the most elementary of configuration changes, namely setting the IP address of an interfaces?

Oh yes, and then the final straw:

- Try 3: changed the IP address through the ASDM main page. This actually succeeded - in locking me out of the device, because it changed the interface address immediately, disconnecting me, but left the "administrative access" setting at the old value 192.168.1.0/24 so I couldn't get back in after changing my admin PC to the new IP range. Had to get the old console cable out.

Back to CLI. ASDM is too difficult for me.

Reply to
Tilman Schmidt
Loading thread data ...

I can see you are totally frustrated. I can understand as I have done a few of these. First off I would suggest that you go to vers 7.23 code. It fixes some minor issues, DO not use 8.02 as it has some bug and it is too early to use. Also are you using ADSM ver 6.02? that vers can only be used with the 8.02 code. Please use the ASDM ver 5.23 as it works with 7.2 code. That would be the first part I would look at. Then we can see what and how you are doing it in the ADSM......

Stephen

Reply to
Pentreed

Thanks for your advice. I have upgraded to ASA 7.2.3 and ASDM 5.2.3 now. (Quite an exercise in itself when you cannot connect a PC to the Pix and to the network at the same time because the Pix' IP address doesn't fit and can't be changed.) This didn't solve the problem, but at least it very clearly showed the nature of this ASDM bug.

This is what I do:

- Start ASDM Launcher, connect to 192.168.1.1, no username, no password.

- Select from the menu: Wizards - Startup Wizard

- On the first screen, select "Modify existing configuration"

- Follow the wizard through its fourteen steps, specifying + outside vlan2 with a fixed address within our public range + inside vlan1 with fixed address 192.168.14.1/24 + dmz vlan3 (which I don't want or need, but ASDM insists I create), deactivated and without an IP address + a static route, a single ssh management host, and the entire (new) internal address range as ASDM management hosts + a DHCP address pool of 192.168.14.101-.120 to match the internal interface

The result: a window titled "Error in sending command" and showing:

--------8

Reply to
Tilman Schmidt

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.