Tuesday, February 16, 2010

Changing the ASDM Port on a Cisco ASA

I very rarely ever use the Cisco GUI ASDM configuration tool. I've been a CLI guy my whole career. There's just something not right about being a Cisco guy, and using the GUI. Almost, always!

Yes, there are some exceptions. For instance, when you want to run the packet tracer utility. You can do it in the CLI, but I wouldn't recommend it. It's way too complicated, and who has time to figure out the hard way, when there's an easy way?

It's also very nice to use ASDM to monitor used system resources on the ASA.

But, what if you have already mapped a static connection using tcp/443 to your outside interface?

In this case, the default ASDM configuration will not work, because the static command will take precedence over the ASDM configuration. So, the default ASDM port will need to be changed from tcp/443 to something else.

You can accomplish this by using the following command:
hostname(config)# http server enable [port]
For instance, to change the ASDM port to tcp/444, use the following statement:
hostname(config)# http server enable 444
Now you will be able to open a web browser and point it to your ASA's external IP address, using port 444. How? Well, let's say your ASA's IP address is 10.10.10.10. You can get to the ASDM by pointing your web browser to: https://10.10.10.10:444

That will get you where you want to be.

2 comments:

Ruben Miranda said...

also change the port on your webvpn if it is enabled. I just had this issue and the http server command was not enough.

meghanasmiley03 said...

Nice post. You pointed on very important facts by this post. This is really very informative and useful information. Thanks for sharing this post.apply aws jobs in hyderabad.