I have a problem using the ASDM for my ASA setup on GNS3. I am fairly new to GNS3 and CCNA security and trying to get ASA working so I can practice while studying. Here's what I have done so far..
I have setup GNS3 0.8.5 on my windows 8 laptop. Also setup the ASA 8.4 firewall okay.
Then I configured a loopback ethernet interface on my Windows machine and successfully conneted it to the ASA as shown on the image below.
I can ping the host from ASA and the host can ping GiEthernet 0 interface(it's gateway, 192.168.0.1/24 as shown above) without any problem.
Then I uploaded adsm-713.bin to the ASA using tftp from my windows machine. It was okay too:
ciscoasa# sh flash: --#-- --length-- -----date/time------ path 4 4096 Sep 18 2013 12:55:16 log 9 4096 Sep 18 2013 12:55:20 coredumpinfo 10 59 Sep 18 2013 12:55:20 coredumpinfo/coredump.cfg 46 196 Sep 18 2013 12:55:20 upgrade_startup_errors_201309181255.log 47 196 Sep 18 2013 13:21:40 upgrade_startup_errors_201309181321.log 48 196 Sep 18 2013 13:34:08 upgrade_startup_errors_201309181334.log 49 18097844 Sep 18 2013 14:02:26 asdm-713.bin 41 0 Sep 18 2013 14:13:03 nat_ident_migrate 268136448 bytes total (249663488 bytes free)
I have setup the http server as well, giving what I think is adequate permission for the client(my windows machine) to connect via web-browser. But I cannot seem to connect via a web-browser. The ping seems fine. I even put wireshark on my loopback interface, and I can see that the pings are answered by the ASA but it's ignoring all the SYN requests to the ASA:
Here's is my running confing. Anything I seem to have missed or done wrong?..
ciscoasa# sh run : Saved : ASA Version 8.4(2) ! hostname ciscoasa enable password 8Ry2YjIyt7RRXU24 encrypted passwd 2KFQnbNIdI.2KYOU encrypted names ! interface GigabitEthernet0 nameif inside security-level 100 ip address 192.168.0.1 255.255.255.0 ! interface GigabitEthernet1 shutdown no nameif no security-level no ip address ! interface GigabitEthernet2 shutdown no nameif no security-level no ip address ! interface GigabitEthernet3 shutdown no nameif no security-level no ip address ! interface GigabitEthernet4 shutdown no nameif no security-level no ip address ! interface GigabitEthernet5 shutdown no nameif no security-level no ip address ! ftp mode passive pager lines 24 mtu inside 1500 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-713.bin no asdm history enable arp timeout 14400 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy user-identity default-domain LOCAL http server enable http 192.168.0.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart telnet timeout 5 ssh timeout 5 console timeout 0 threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept webvpn username admin password f3UhLvUj1QsXsuK7 encrypted privilege 15 ! ! prompt hostname context no call-home reporting anonymous call-home profile CiscoTAC-1 no active destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address email firstname.lastname@example.org destination transport-method http subscribe-to-alert-group diagnostic subscribe-to-alert-group environment subscribe-to-alert-group inventory periodic monthly subscribe-to-alert-group configuration periodic monthly subscribe-to-alert-group telemetry periodic daily crashinfo save disable Cryptochecksum:6bfcb8fe21795c5a3a3efa6e857c6165 : end -----------------------
I'd really appreciate some help here guys. Thanks