KB ID 0000068
Note: This is an old article, you might want to go here
If you have to look after a lot of client firewall’s, or you simply want to be able to manage your own remotely then this can be done via the ASDM console.
1 Log into the firewall > Go to enable mode.
Password: *******
[/box] 2 Go to configure terminal mode. [box]ciscoasa# conf t[/box]
3. Turn on the ASDM Server.
[box]ciscoasa(config)# http server enable[/box]
4. Allow a host to connect from the Outside.
[box]ciscoasa(config)# http outside[/box]
5. Save the configuration.
ciscoasa(config)# write mem
Building configuration...
Cryptochecksum: b984ffbc dd77cdbf f2cd8d86 0b8f3f96
3965 bytes copied in 1.490 secs (3965 bytes/sec)
Now this has set up access for the host so it can connect to the ASA from outside. This uses https (TCP Port 443). which is fine if you don’t use HTTP for anything else or have it “Port Forwarded” for a web site or Exchange Web Access etc. If you do, then you will need to set the ASDM to listen on a different port. To do this you need to enter the following commands.
1. Log into the firewall > Go to enable mode.
Password: *******
2. Go to configure terminal mode.
[box]ciscoasa# conf t[/box]
3. Assuming you already have the ASDM server enabled quickly disable it (if this errors don’t worry just skip to the next step)
[box]ciscoasa(config)# no http server enable[/box]
4. Now you need to enable the ADSM again on a particular port (in this example I’ll use TCP port 2456, but you can use any port from 1-65535.)
[box]ciscoasa(config)# http server enable 2456[/box]
5. Don’t forget to save the settings.
ciscoasa(config)# write mem
Building configuration...
Cryptochecksum: 244f5ae3 8088fc5e f1802a27 3bdac2b2
3970 bytes copied in 1.400 secs (3970 bytes/sec)
Now from the remote client simply open a web page and proceed to https://{public_IP_of the ASA}:2456
Related Articles, References, Credits, or External Links