So I was at a clients and btw, forgot my laptop, and I had to configure their Cisco ASA 5505 series router with the new IP address of their satellites office’s ASA router. You see, they had a site-to-site VPN.
Problem was when I telnet into the ASA I get an “Could not open connection to the host, on port 23.Connect failed” error.
I could ping the router’s ip however, and also when I tried to login using the Cisco ASDM Launcher, I would get “Unable to launch ASDM Connection Timed out” error. What the heck?!?!!?!?!?!?
Well, the problem was that the router was never configured to accept any other IP for management. See, the router was set for an IP range of 10.0.X.X. But the router was only configure to allow a range of 192.168.X.X.
It took about 2 hours to figure this out, so I post it here to help relieve you of a future headache, and to remind me as well.
This is how to solve:
You’re going to have to use the console cable to establish a connection to the ASA since it appears that your HTTPS/SSH access lists are not configured correctly.
Use the blue console cable to establish a connection to the ASA and from the command line interface, go to enable mode and issue the following commands:
conf t
http server enable
http 192.168.1.0 255.255.255.0 inside - where the IP has to be the inside IP scope assigned.
Once I did this using the 10.0.X.X IP, I was then able to use ASDM to configure the VPN settings.
Hope this helps…. comment if you have any questions.
July 11th, 2008 at 12:10 pm
This was good information. I’ve passed your url to a few of my associates. Take care. RapidInternet Inc.
July 22nd, 2008 at 10:19 am
Thanks,
That saved me bunch of time.
July 22nd, 2008 at 8:21 pm
Ruso, no problem. I know I had a hard time with it at first…. hope it helped!
September 18th, 2008 at 5:32 pm
Thanks a million! It worked perfectly!
September 18th, 2008 at 10:00 pm
Glad it was able to help you out Josh! I still have to resort to this post every once in a while, lol….