ASDM:

o ASDM is management tool stand for Cisco's Adaptive Security Device Manager.
o ASA Security Device Manager (ASDM) is a configuration tool included with ASA.
o ASA Security Device Manager has easy-to-use Web-based management interface.
o It is the GUI (Graphical User Interface) tool used to manage Cisco ASA appliances.
o Offers easy-to-use GUI & enables network administrators to quickly configure ASA.
o Offers easy-to-use GUI & enables network administrators monitor Cisco ASA Firewall.
o The ASDM enables network administrators troubleshoot Cisco firewall appliances.
o ASDM user interface is designed to provide easy access to many features ASA supports.
o ASDM user interface includes menu bar that provides quick access to files, tools & wizards.
o A dockable left Navigation pane to move through the Configuration and Monitoring panes.

Copy ASDM to ASA Firewall

ASA# copy tftp: disk0:
Address or name of remote host []? 192.168.1.50
Source filename []? asdm-781.bin
Destination filename [asdm-781.bin]?
Accessing tftp://192.168.1.50/asdm-781.bin
ASA# show flash:
ASA# config terminal
ASA(config)# asdm image flash:/asdm-781.bin

HTTPS/ASDM Configuration on Cisco ASA

ASA(config)# username admin password 123
ASA(Config)# http server enable
ASA(config)# http 192.168.1.0 255.255.255.0 inside
ASA(config)# http 192.168.1.50 255.255.255.255 inside
ASA(Config)# http 0.0.0.0 0.0.0.0 inside
ASA(config)# aaa authentication http console LOCAL
ASA# show run http
ASA(config)#clear config http

Copy the downloaded ASDM image file to your firewall using TFTP.

1 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717

Configure ASA to load ASDM at next reboot using asdm image flash:asdm filename command.

Create a user on the device. Enable http server and identify the management station that will
be used to configure the appliance.

Open browser and go to the IP address of the ASA device use the HTTPS protocol: Click on the
Install ASDM Launcher and Run ASDM button to install ASDM.

2 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717

If prompted for credentials, enter the username and password you’ve configured.

Run the downloaded installer and finish the wizard. When the installation is completed, you can
start using ASDM to manage your ASA:

3 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717

Device Dashboard Tab:
The Device Dashboard tab lets you view, at a glance, important information about your ASA,
such as the status of your interfaces, the version you are running, licensing information, and
performance.

Device Information Pane:

The Device Information pane includes two tabs that show device information: General tab and
License tab.

4 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717

Latest ASDM Syslog Messages Pane:
This pane shows the most recent system messages generated by the ASA, up to a maximum of
100 messages. Click Enable Logging to enable logging if it is disabled.

Firewall Dashboard Tab:

The Firewall Dashboard tab lets you view important information about the traffic passing
through your ASA. This dashboard differs depending on whether you are in single context mode
or multiple context mode. In multiple context mode, the Firewall Dashboard is viewable within
each context.

5 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717

6 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717
SSH Configuration:
Connect via ASDM > Navigate to Configuration > Device Management > Management Access >
ASDM/HTTPS/Telnet/SSH > Add > Select SSH > Supply the IP and subnet > OK.

Generate RSA Keypair from ASDM

7 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717

Enable AAA for SSH (Local Database)

8 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717

Add a User to the Local Database

9 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717

Telnet Configuration:
Connect via ASDM > Navigate to Configuration > Device Management > Management Access >
ASDM/HTTPS/Telnet/SSH > Add > Select Telnet > Supply the IP and subnet > OK.

Enable AAA for Telnet (Local Database)

10 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717

Add a User to the Local Database

11 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717

DHCP Configuration:
in Configuration mode in ASDM. Open Device Management Select DHCP and DHCP Server.
Verify that all of the “Global DHCP options” on the bottom half of the window are cleared.
Select interface “inside” click the “Edit” button. In the “Edit DHCP Server” dialog, enter the
DHCP address pool you wish to use. Also enter the DNS servers.

12 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717

Click the “Advanced” button. At a minimum, add “option 3 router” by highlighting the option in
the dropdown, selecting “IP address”, and entering the ip address of the internal interface of
the ASA . Important: Assumes you are using this Cisco ASA as your default gateway. Add any
additional options which you need in your environment. Click “Apply” at the bottom of the
screen.

13 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717

14 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 056 430 3717