Cisco ASDM User Guide, 6.1
Welcome to ASDM
Download this chapter
Welcome to ASDMWelcome to ASDM
Download the complete book
Full-Book PDF: Cisco ASDM User Guide, 6.1Full-Book PDF: Cisco ASDM User Guide, 6.1 (PDF - 13 MB)
give_us_feedback

Table Of Contents

Welcome to ASDM

ASDM Client Operating System and Browser Requirements

VPN Specifications

Supported Platforms and SSMs

New ASDM Features

Multiple ASDM Session Support

Unsupported Commands

Ignored and View-Only Commands

Effects of Unsupported Commands

Discontinuous Subnet Masks Not Supported

Interactive User Commands Not Supported by the ASDM CLI Tool

About the ASDM Interface

Menus

File Menu

View Menu

Tools Menu

Wizards Menu

Window Menu

Help Menu

Toolbar

ASDM Assistant

Status Bar

Connection to Device

Device List

Common Buttons

Keyboard Shortcuts

Enabling Extended Screen Reader Support

Organizational Folder

About the Help Window

Header Buttons

Browser Window

Home Pane

Device Dashboard Tab

Firewall Dashboard Tab

Content Security Tab

Intrusion Prevention Tab

Connecting to IPS

System Home Pane


Welcome to ASDM

Cisco Adaptive Security Device Manager (ASDM) delivers world-class security management and monitoring services for security appliances through an intuitive, easy-to-use, management interface. Bundled with supported security appliances, the device manager accelerates security appliance deployment with intelligent wizards, robust administration tools, and versatile monitoring services that complement the advanced security and networking features offered by Cisco ASA 5500 series and Cisco PIX 500 series security appliances.

Note If you change the color scheme of your operating system while ASDM is running, you should restart ASDM, because some ASDM screens might not display correctly.

This section includes the following topics:

ASDM Client Operating System and Browser Requirements

VPN Specifications

Supported Platforms and SSMs

New ASDM Features

Multiple ASDM Session Support

Unsupported Commands

About the ASDM Interface

About the Help Window

Home Pane

System Home Pane

ASDM Client Operating System and Browser Requirements

Table 1-1 lists the supported and recommended client operating systems and Java for ASDM.

Table 1-1 Operating System and Browser Requirements 

Operating System
Version
Browser
Other Requirements

Microsoft Windows

Windows Vista

Windows 2003 Server

Windows XP

Windows 2000 (Service Pack 4)

Internet Explorer 6.0 or 7.0 with Sun Java SE1 Plug-in 1.4.2, 5.0 (1.5.0), or 6.0

Firefox 1.5 or 2.0 with Java SE Plug-in 1.4.2, 5.0 (1.5.0), or 6.0

SSL Encryption Settings—All available encryption options are enabled for SSL in the browser preferences.

Note ASDM supports both the English and Japanese versions of Windows.

Note HTTP 1.1—Settings for Internet Options > Advanced > HTTP 1.1 should use HTTP 1.1 for both proxy and non-proxy connections.

Apple MacIntosh

Apple MacIntosh OS X

Firefox 1.5 or 2.0 or Safari 2.0 with Java SE Plug-in 1.4.2, 5.0 (1.5.0), or 6.0

 

Linux

Red Hat Desktop, Red Hat Enterprise Linux WS version 4 running GNOME or KDE

Firefox 1.5 or 2.0 with Java SE Plug-in 1.4.2, 5.0 (1.5.0), or 6.0

 

1 Obtain Sun Java from java.sun.com.


VPN Specifications

See the Cisco ASA 5500 Series VPN Compatibility Reference at http://cisco.cisco.com/en/US/docs/security/asa/compatibility/asa-vpn-compatibility.html.

Supported Platforms and SSMs

ASDM Version 6.1(5) supports the following platforms and releases:

ASA 5505, software Version 8.0(2), 8.0(3), and 8.0(4)

ASA 5510, software Version 8.0(2), 8.0(3), and 8.0(4)

ASA 5520, software Version 8.0(2), 8.0(3), and 8.0(4)

ASA 5540, software Version 8.0(2), 8.0(3), and 8.0(4)

ASA 5550, software Version 8.0(2), 8.0(3), and 8.0(4)

ASA 5580, software Version 8.1(1) and 8.1(2)

PIX 515/515E, software Version 8.0(2), 8.0(3), and 8.0(4)

PIX 525, software Version 8.0(2), 8.0(3), and 8.0(4)

PIX 535, software Version 8.0(2), 8.0(3), and 8.0(4)

ASDM Version 6.1(5) supports the following SSMs and releases:

Advanced Inspection and Prevention (AIP) SSM, software Version 5.0, 5.1, and 6.0

Content Security and Control (CSC) SSM, software Version 6.1 and 6.2

Table 1-2 shows the SSMs supported by each platform:

Table 1-2 SSM Support 

Platform
SSM Models

ASA 5505

No support

ASA 5510

AIP SSM 10

AIP SSM 20

CSC SSM 10

CSC SSM 20

4GE SSM

ASA 5520

AIP SSM 10

AIP SSM 20

CSC SSM 10

CSC SSM 20

4GE SSM

ASA 5540

AIP SSM 10

AIP SSM 20

CSC SSM 101

CSC SSM 201

4GE SSM

ASA 5550

No support (the 4GE SSM is built-in and not user-removable)

ASA 5580

No support

PIX 515/515E

No support

PIX 525

No support

PIX 535

No support

1 The CSC SSM licenses support up to 1000 users while the Cisco ASA 5540 Series appliance can support significantly more users. If you deploy CSC SSM with an ASA 5540 adaptive security appliance, be sure to configure the security appliance to send the CSC SSM only the traffic that should be scanned.


New ASDM Features

Note For supported platform features, see the "New Features by Platform Release" section on page 2-1.

Table 1-3 lists the new features for ASDM Version 6.1(5).

Table 1-3 New Features for ASDM Version 6.1(5)

Feature
Description

Support for Cisco ASA 5580 software Version 8.1(2)

All 8.1(2) features are supported unless specifically noted.


Multiple ASDM Session Support

ASDM allows multiple PCs or workstations to each have one browser session open with the same adaptive security appliance software. A single adaptive security appliance can support up to five concurrent ASDM sessions in single, routed mode. Only one session per browser per PC or workstation is supported for a specified adaptive security appliance. In multiple context mode, five concurrent ASDM sessions are supported per context, up to a maximum of 32 total connections for each adaptive security appliance.

Unsupported Commands

ASDM supports almost all commands available for the adaptive security appliance, but ASDM ignores some commands in an existing configuration. Most of these commands can remain in your configuration; see Tools > Show Commands Ignored by ASDM on Device for more information.

This section includes the following topics:

Ignored and View-Only Commands

Effects of Unsupported Commands

Discontinuous Subnet Masks Not Supported

Interactive User Commands Not Supported by the ASDM CLI Tool

Ignored and View-Only Commands

Table 1-4 lists commands that ASDM supports in the configuration when added through the CLI, but that cannot be added or edited in ASDM. If ASDM ignores the command, it does not appear in the ASDM GUI at all. If the command is view-only, then it appears in the GUI, but you cannot edit it.

Table 1-4 List of Unsupported Commands 

Unsupported Commands
ASDM Behavior

access-list

Ignored if not used

capture

Ignored

dns-guard

Ignored

eject

Unsupported

established

Ignored.

failover timeout

Ignored

icmp-unreachable rate-limit

Ignored

ipv6, any IPv6 addresses

Ignored

pager

Ignored

pim accept-register route-map

Ignored. You can configure only the list option using ASDM.

prefix-list

Ignored if not used in an OSPF area

route-map

Ignored

service-policy global

Ignored if it uses a match access-list class. For example: 

access-list myacl line 1 extended permit ip 
any any

class-map mycm

match access-list mycl

policy-map mypm

class mycm

inspect ftp

service-policy mypm global

switchport trunk native vlan

Ignored

sysopt nodnsalias

Ignored

sysopt uauth allow-http-cache

Ignored

terminal

Ignored


Effects of Unsupported Commands

If ASDM loads an existing running configuration and finds IPv6-related commands, ASDM displays a dialog box informing you that it does not support IPv6. You cannot configure any IPv6 commands in ASDM, but all other configuration is available.

If ASDM loads an existing running configuration and finds other unsupported commands, ASDM operation is unaffected. To view the unsupported commands, choose Tools > Show Commands Ignored by ASDM on Device.

If ASDM loads an existing running configuration and finds the alias command, it enters Monitor-only mode.

Monitor-only mode allows access to the following functions:

The Monitoring area

The CLI tool (Tools > Command Line Interface), which lets you use the CLI commands

To exit Monitor-only mode, use the CLI tool or access the security appliance console, and remove the alias command. You can use outside NAT instead of the alias command. See the Cisco Security Appliance Command Reference for more information.

Note You might also be in Monitor-only mode because your user account privilege level, indicated in the status bar at the bottom of the main ASDM window, was set up as less than or equal to three by your system administrator, which allows Monitor-only mode. For more information, choose Configuration > Device Management > Users/AAA > User Accounts and
Configuration > Device Management > Users/AAA > AAA Access.

Discontinuous Subnet Masks Not Supported

ASDM does not support discontinuous subnet masks such as 255.255.0.255. For example, you cannot use the following: 

ip address inside 192.168.2.1 255.255.0.255

Interactive User Commands Not Supported by the ASDM CLI Tool

The ASDM CLI tool does not support interactive user commands. If you enter a CLI command that requires interactive confirmation, ASDM prompts you to enter "[yes/no]" but does not recognize your input. ASDM then times out waiting for your response.

For example:

1. From the ASDM Tools menu, click Command Line Interface.

2. Enter the crypto key generate rsa command.

ASDM generates the default 1024-bit RSA key.

3. Enter the crypto key generate rsa command again.

Instead of regenerating the RSA keys by overwriting the previous one, ASDM displays the following error: 

Do you really want to replace them? [yes/no]:WARNING: You already have RSA 
ke0000000000000$A key

Input line must be less than 16 characters in length.


%Please answer 'yes' or 'no'.

Do you really want to replace them [yes/no]:


%ERROR: Timed out waiting for a response.

ERROR: Failed to create new RSA keys names <Default-RSA-key>

Workaround:

You can configure most commands that require user interaction by means of the ASDM panes.

For CLI commands that have a noconfirm option, use this option when entering the CLI command. For example: 

crypto key generate rsa noconfirm

About the ASDM Interface

The ASDM interface is designed to provide easy access to the many features that the adaptive security appliance supports. The ASDM interface includes the following components:

Menu Bar—Provides quick access to files, tools, wizards, and help. Many menu items also have keyboard shortcuts.

Toolbar—Lets you navigate ASDM. From the toolbar you can access the home pane, configuration, and monitoring panes. You can also get help and navigate between panes.

Status Bar—Shows the time, connection status, user, and privilege level.

Device List—Displays a list of devices that you can access through ASDM. For more information, see Device List.

Addresses/Services/Time Ranges—Displays a dockable pane that shows various objects you can use in the rules tables when you create access, filter, and service rules.

Navigation—Displays a dockable pane that lets you navigate the Configuration and Monitoring screens.

Note Tool tips have been added for various parts of the GUI, including wizards, and the configuration and monitoring panes.

This section includes the following topics:

Menus

Toolbar

Status Bar

Common Buttons

Keyboard Shortcuts

Enabling Extended Screen Reader Support

Menus

You can access the ASDM menus using the mouse or keyboard. See Keyboard Shortcuts for more information about accessing the menu bar from the keyboard. ASDM has the following menus:

File Menu

View Menu

Tools Menu

Wizards Menu

Window Menu

Help Menu

File Menu

The File menu manages adaptive security appliance configurations, and includes the following items:

Refresh ASDM with the Running Configuration on the Device—Loads a copy of the running configuration to ASDM. Click Refresh to make sure ASDM has a current copy of the running configuration.

Reset Device to the Factory Default Configuration—Restores the configuration to the factory default. See the Reset Device to the Factory Default Configuration dialog box for more information.

Show Running Configuration in New Window—Displays the current running configuration in a new window.

Save Running Configuration to Flash—Writes a copy of the running configuration to Flash memory.

Save Running Configuration to TFTP Server—Stores a copy of the current running configuration file on a TFTP server. See the Save Running Configuration to TFTP Server dialog box for more information.

Save Running Configuration to Standby Unit—Sends a copy of the running configuration file on the primary unit to the running configuration of a failover standby unit.

Save Internal Log Buffer to Flash—Saves the internal log buffer to Flash memory.

Print—Prints the current page. We recommend landscape page orientation when you print rules. When you use Internet Explorer, permission to print is already granted when you originally accepted the signed applet.

Clear ASDM Cache—Removes local ASDM images. ASDM downloads images locally when you connect to ASDM.

Clear Internal Log Buffer—Empties the system log message buffer.

Exit—Closes ASDM.

View Menu

The View menu lets you display various parts of the ASDM interface. Certain items are dependent on the current view. You cannot select items that cannot be displayed in the current view. For example, the Latest ASDM Syslog Messages pane is only available when the home view is displayed.

Home—Displays the home view.

Configuration—Displays the configuration view.

Monitoring—Displays the monitoring view.

Device List—Displays a list of devices in a dockable pane. For more information, see Device List.

Navigation—Shows and hides the display of the Navigation pane in the configuration and monitoring views.

Latest ASDM Syslog Messages—Shows and hides the display of the Latest ASDM Syslog Messages pane in the home view.

Addresses—Shows and hides the display of the Addresses pane. The Addresses pane is only available for the Access Rules, NAT Rules, Service Policy Rules, AAA Rules, and Filter Rules panes in the configuration view.

Services—Shows and hides the display of the Services pane. The Services pane is only available for the Access Rules, NAT Rules, Service Policy Rules, AAA Rules, and Filter Rules panes in the configuration view.

Time Ranges—Shows and hides the display of the Time Ranges pane. The Time Ranges pane is only available for the Access Rules, Service Policy Rules, AAA Rules, and Filter Rules panes in the configuration view.

Global Pools—Shows and hides the display of the Global Pools pane. The Global Pools pane is only available for the NAT Rules pane in the configuration view.

Find—Locates an item for which you are searching, such as a feature or the ASDM Assistant.

Back—See Common Buttons for more information.

Forward—See Common Buttons for more information.

Reset Layout—Returns the layout to the default configuration.

Office Look and Feel—Changes the screen fonts and colors to the Microsoft Office settings.

Tools Menu

The Tools menu provides you with the following series of tools to use with ASDM:

Command Line Interface—Provides a text-based tool for sending commands to the adaptive security appliance and viewing the results. See the Command Line Interface dialog box for more information.

Show Commands Ignored by ASDM on Device—Displays unsupported commands that have been ignored by ASDM. See the Show Commands Ignored by ASDM on Device dialog box for more information.

Packet Tracer—Lets you trace a packet from a specified source address and interface to a destination. You can specify the protocol and port of any type of data and view the lifespan of a packet, with detailed information about actions taken on it. See the Packet Tracer dialog box for more information.

Ping—Lets you verify the configuration and operation of the adaptive security appliance and surrounding communications links, as well as perform basic testing of other network devices. See the Ping dialog box for more information.

Traceroute—Lets you determine the route packets will take to their destination. See the Traceroute dialog box for more information.

File Management—Lets you view, move, copy, and delete files stored in Flash memory. You can also create a directory in Flash memory. See the File Management dialog box for more information. You can also display the File Transfer dialog box to transfer files between various file systems, including TFTP, Flash memory, and your local PC.

Upgrade Software from Local Computer—Lets you choose an adaptive security appliance image, ASDM image, or another image on your PC, and upload the file to Flash memory. See the Upgrade Software from Local Computer dialog box for more information.

Upgrade Software from Cisco.com—Lets you upgrade adaptive security appliance software and ASDM software through a wizard. See the Upgrade Software from Cisco.com Wizard for more information.

Upload ASDM Assistant Guide—Lets you upload an XML file to Flash memory that contains information used in the ASDM Assistant. You can download these files from Cisco.com. See the ASDM Assistant dialog box for more information.

System Reload—Lets you restart the ASDM and reload the saved configuration into memory. See the System Reload dialog box for more information.

Administrator's Alerts to Clientless SSL VPN Users—Lets an administrator send an alert message to clientless SSL VPN users. See the Administrator's Alert to Clientless SSL VPN Users dialog box for more information.

Preferences—Changes the behavior of specified ASDM functions between sessions. See the Preferences dialog box for more information.

ASDM Java Console—Shows the Java console. See the ASDM Java Console dialog box for more information.

Wizards Menu

The Wizards menu lets you run a wizard to configure multiple features.

Startup Wizard—This wizard walks you, step-by-step, through the initial configuration of your adaptive security appliance. For more information, see Using the Startup Wizard.

IPSec VPN Wizard—This wizard enables you to configure an IPSec VPN policy on your adaptive security appliance. For more information, see the VPN Wizard.

SSL VPN Wizard—This wizard enables you to configure an SSL VPN policy on your adaptive security appliance. For more information, see the VPN Wizard.

High Availability and Scalability Wizard— This wizard allows you to configure failover on your adaptive security appliance. For more information, see High Availability.

Packet Capture Wizard— This wizard allows you to configure packet capture on your adaptive security appliance. The wizard runs one packet capture on each ingress and egress interface. After you run the capture, you can save the capture on your computer, and then examine and analyze the capture with a packet analyzer. For more information, see the Packet Capture Wizard.

Window Menu

The Window menu enables you to move between ASDM windows. The active window appears as the selected window.

Help Menu

The Help menu provides links to online Help, as well as information about ASDM and the adaptive security appliance.

Help Topics—Opens a new browser window with help organized by contents, screen name, and indexed in the left frame. Use these methods to find help for any topic, or search using the Search tab.

Help for Current Screen—Opens context-sensitive help about that screen.The wizard runs the screen, pane, or dialog box that is currently open. You can also click the question mark (?) help icon for context-sensitive help.

Release Notes—Opens the most current version of the Cisco ASDM Release Notes on Cisco.com. The Release Notes contain the most current information about ASDM software and hardware requirements, and the most current information about changes in the software.

Getting Started—Opens the Getting Started help topic to help you begin using ASDM.

ASDM Assistant—Opens the ASDM Assistant, which lets you search downloadable content from Cisco.com, with details about performing certain tasks.

About Cisco Adaptive Security Appliance (ASA)—Displays information about the adaptive security appliance, including the software version, hardware set, configuration file loaded at startup, and software image loaded at startup. This information is helpful in troubleshooting.

About Cisco ASDM 6.1—Displays information about ASDM such as the software version, hostname, privilege level, operating system, device type, and Java version.

Toolbar

The Toolbar below the menus provides access to the home view, configuration view, and monitoring view. It also lets you choose between the system and security contexts in multiple context mode, and provides navigation and other commonly used functions.

System/Contexts—Click the down arrow to open the context list in a left-hand pane, and click the up arrow to restore the context drop-down list. After you have expanded this list, click the left arrow to collapse the pane, and the right arrow to restore the pane. To manage the system, choose System from the list. To manage a context, choose one from the list.

Home—Displays the Home Pane, which lets you view important information about your adaptive security appliance such as the status of your interfaces, the version you are running, licensing information, and performance. See the Home pane for more information. In multiple mode, the system does not have a Home pane.

Configuration—Configures the adaptive security appliance. Choose a feature button in the left-hand pane to configure that feature.

Monitoring—Monitors the adaptive security appliance. Choose a feature button in the left-hand pane to monitor that feature.

Back—Takes you back to the last pane of ASDM you visited.

Forward—Takes you forward to the last pane of ASDM you visited.

Search—Lets you search for a feature in ASDM. The Search function looks through the titles of each pane and presents you with a list of matches, and gives you a hyperlink directly to that pane. If you need to switch quickly between two different panes you found, click Back or Forward. See the ASDM Assistant for more information.

Refresh—Refreshes ASDM with the current running configuration, except for graphs in any of the monitoring graphs.

Save—Saves the running configuration to the startup configuration for write-accessible contexts only.

Help—Shows context-sensitive help for the screen that is currently open.

ASDM Assistant

The ASDM Assistant dialog box lets you search for useful ASDM procedural help about certain tasks. You must first upload the ASDM Assistant Guide through the Tools menu to make the help available. See the ASDM Assistant dialog box for more information.

This dialog box provides a two-pane window that lets you enter queries on the left-hand pane, lists the available links to information that result from those queries, and then displays the information that you selected or additional links on the right-hand pane.

The How Do I? tab lets you select specific areas on which to search. The Search tab lets you enter terms and features about which you want more information and specify the type of results you want.

How Do I? Tab

Fields

Show tasks—Choose the type of information you want from the drop-down list. The available types are Security Policy, ASDM, Administration, and All.

Search Tab

Fields

For—Enter the term about which you want more information.

How Do I?—Check this check box to include downloadable content from Cisco.com, with details about performing certain tasks.

Features—Check to include features about which you want more details.

Include—Select from the following options the information you want to include: Exact Phrase, Any Word, or All Words.

Exclude—Specify the information that you want to exclude.

Search—Click to start the query.

Status Bar

The status bar appears at the bottom of the ASDM window, and shows the following areas from left to right.

Status—Shows the status of the configuration (for example, "Device configuration loaded successfully.").

User Name—Shows the username of the ASDM user. If you logged in without a username, the username is "admin."

User Privilege—Shows the privilege of the ASDM user.

Commands Ignored by ASDM—Click the icon to show a list of commands from your configuration that ASDM did not process. These commands will not be removed from the configuration. See Show Commands Ignored by ASDM on Device for more information.

Status of Connection to Device—Shows the ASDM connection status to the adaptive security appliance. See Connection to Device for more information.

Save to Flash Needed—Shows that you made configuration changes in ASDM, but that you still must save the running configuration to the startup configuration.

Refresh Needed—Shows that you need to refresh the configuration from the adaptive security appliance to ASDM, because the configuration on the adaptive security appliance changed (for example, you made a change to the configuration through the CLI).

SSL Secure—Shows that the connection to ASDM is secure because it uses SSL.

Time—Shows the time that is set on the switch that contains the adaptive security appliance.

Connection to Device

ASDM maintains a constant connection to the adaptive security appliance to maintain up-to-date monitoring and home pane data. This dialog box shows the status of the connection. When you make a configuration change, ASDM opens a second connection for the duration of the configuration, and then closes it; however, this dialog box does not represent the second connection.

Device List

The device list is a dockable pane. You can click one of the three buttons in the header to maximize or restore this pane, make it a floating pane that you can move, hide the pane, or close the pane. This pane is available in the home, configuration, monitoring, and system views. You can use this pane to switch to another device; however, that device must run the same version of ASDM that you are currently running. To display the pane fully, you must have at least two devices listed.

Note You cannot switch to another device that runs a different version of ASDM.

To use this pane to connect to another device, perform the following steps:

Step 1 Click Add to add another device to the list.

The Add Device dialog box appears.

Step 2 In the Device/IP Address/Name field, type the device name or IP address of the device, and then click OK.

Step 3 Click Delete to remove a selected device from the list.

Step 4 Click Connect to connect to another device.

The Enter Network Password dialog box appears.

Step 5 Type your username and password in the applicable fields, and then click Login.

Modes

The following table shows the modes in which this feature is available:

Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

 


Common Buttons

These buttons appear on many ASDM panes:

Apply—Sends changes made in ASDM to the adaptive security appliance and applies them to the running configuration.

Save —Writes a copy of the running configuration to Flash memory.

Reset—Discards changes and reverts to the information displayed before changes were made or the last time you clicked Refresh or Apply. After you click Reset, click Refresh to make sure that information from the current running configuration is displayed.

Restore Default—Clears the selected settings and returns to the default settings.

Cancel—Discards changes and returns to the previous pane.

Enable—Displays read-only statistics for a feature.

Close—Closes an open dialog box.

Clear—Removes information from a field or box, or removes a check from a check box.

Back—Returns you to the previous pane.

Forward—Takes you to the next pane.

Help—Displays help for the selected pane.

Keyboard Shortcuts

You can use the keyboard to navigate the ASDM interface.

Table 1-5 lists the keyboard shortcuts you can use to move across the three main areas of the ASDM interface.

Table 1-5 Navigating ASDM 

To display the
Windows/Linux
MacOS

Home Page

Ctrl+H

Shift+Command+H

Configuration Page

Ctrl+G

Shift+Command+G

Monitoring Page

Ctrl+M

Shift+Command+M

Help

F1

Command+?

Back

Alt+Left Arrow

Command+[

Forward

Alt+Rightarrow

Command+]

Refresh the display

F5

Command+R

Cut

Ctrl+X

Command+X

Copy

Ctrl+C

Command+C

Paste

Ctrl+V

Command+V

Save the configuration

Ctrl+S

Command+S

Popup menus

Shift+F10

Close a secondary window

Alt+F4

Command+W

Find

Ctrl+F

Command+F

Exit

Alt+F4

Command+Q

Exit a table or text area

Ctrl_Shift or Ctrl+Shift+Tab

Ctril+Shift or Ctrl+Shift+Tab


Table 1-6 lists the keyboard shortcut you can use to navigate within a pane.

Table 1-6 Moving the Focus

To move the focus to the
Press

next field

Tab

previous field

Shift+Tab

next field when the focus is in a table

Ctrl+Tab

previous field when the focus is in a table

Shift+Ctrl+Tab

next tab (when a tab has the focus)

Right Arrow

previous tab (when a tab has the focus)

Left Arrow

next cell in a table

Tab

previous sell in a table

Shift+Tab

next pane (when multiple panes are displayed)

F6

previous pane (when multiple panes are displayed)

Shift+F6


Table 1-7 lists the keyboard shortcuts you can use with the Log Viewers.

Table 1-7 Log Viewer Keyboard Shortcuts 

To display the
Windows/Linux
MacOS

Pause and Resume Real-Time Log Viewer

Ctrl+U

Command+.

Refresh Log Buffer Window

F5

Command+R

Clear Internal Log Buffer

Ctrl+Delete

Command+Delete

Copy Selected Log Entry

Ctrl+C

Command+C

Save Log

Ctrl+S

Command+S

Print

Ctrl+P

Command+P

Close a secondary window

Alt+F4

Command+W


Table 1-8 lists the keyboard shortcuts you can use to access menu items.

Table 1-8 Log Viewer Keyboard Shortcuts

To access the
Windows/Linux

Menu Bar

Alt

Next Menu

Right Arrow

Previous Menu

Left Arrow

Next Menu Option

Down Arrow

Previous Menu Option

Up Arrow

Selected Menu Option

Enter


Enabling Extended Screen Reader Support

By default, labels and descriptions are not included in tab order when you press the Tab key to navigate a pane. Some screen readers, such as JAWS, only read screen objects that have the focus. You can include the labels and descriptions in the tab order by enabling extended screen reader support.

To enable extended screen reader support, perform the following steps:

Step 1 In the main ASDM application window, choose Tools > Preferences.

The Preferences dialog box appears.

Step 2 On the General tab, check the Enable screen reader support check box.

Step 3 Click OK.

Step 4 Restart ASDM to activate screen reader support.

Organizational Folder

Some nodes in the navigation tree for the configuration and monitoring screens do not have associated configuration or monitoring panes. They are used to organize related configuration and monitoring items. Clicking on these folders displays a list of sub-items in the right-hand pane. You can click the name of a sub-item to go to that item.

About the Help Window

This section includes the following topics:

Header Buttons

Browser Window

Header Buttons

Click the applicable button to obtain the information you need.

About ASDM—Displays information about ASDM, including the hostname, version number, device type, adaptive security appliance software version number, privilege level, username, and operating system being used.

Search—Searches for information among online help topics.

Using Help—Describes the most efficient methods for using online help.

Glossary—Lists terms found in ASDM and adaptive security appliance devices.

Left-Pane Links—Moves through online help topics.

Contents—Displays a table of contents.

Screens—Lists help files by screen name.

Index—Provides an index of help topics found in ASDM online help.

Right-Pane Help Content—Displays the help for the selected topic.

Browser Window

When you open help and a help page is already open, the new help page will appear in the same browser window. If no help page is open, then the help page will appear in a new browser window.

When you open help and Netscape Communicator is the default browser, the help page will appear in a new browser window. If Internet Explorer is the default browser, the help page may appear either in the last-visited browser window or in a new browser window, according to your browser settings. You can control this behavior in Internet Explorer by choosing Tools > Internet Options > Advanced > Reuse windows for launching shortcuts.

Home Pane

The ASDM home pane lets you view important information about your adaptive security appliance. Status information on the home pane is updated every ten seconds. This pane usually has two tabs: Device Dashboard and Firewall Dashboard.

If you have a CSC SSM installed in your adaptive security appliance, the Content Security tab also appears on the home pane. The additional tab displays status information about the CSC SSM software.

If you have IPS software installed in your adaptive security appliance, the Intrusion Prevention tab also appears on the home pane. The additional tab displays status information about the IPS software.

This section includes the following topics:

Device Dashboard Tab

Firewall Dashboard Tab

Content Security Tab

Intrusion Prevention Tab

Fields

Latest ASDM Syslog Messages—Shows the most recent system messages generated by the adaptive security appliance, up to a maximum of 100 messages.

Click the square icon in the header to expand the logging pane. Click the double square icon in the header to return to the default size. Drag the divider up or down to resize the pane. You can also right-click an event and choose Clear Content, to clear the current messages; Save Content, to save the current messages to a file on your PC, Copy, to copy the content; and Color Settings, to change the background and foreground colors of system messages according to their severity. Click one of the four buttons in the header on the right-hand side to maximize or restore the pane, make it a floating pane that you can move, hide the pane, or close the pane.

Enable Logging—Click to enable logging and display system log messages.

Stop message display—Click the red icon on the right-hand side to stop updating the display of system log messages.

Resume message display—Click the green icon on the right-hand side to continue updating the display of system log messages.

Configure ASDM Syslog Filters—Click the filters icon on the right-hand side to open the Logging Filters pane.

Modes

The following table shows the modes in which this feature is available:

Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System


Device Dashboard Tab

The Device Dashboard tab lets you view, at a glance, important information about your adaptive security appliance, such as the status of your interfaces, the version you are running, licensing information, and performance.

Fields

Device Information—Includes two tabs to show device information.

General—Shows the following information:

Host Name—Display only. Shows the adaptive security appliance hostname. See Device Name/Password to set the hostname.

ASA Version—Display only. Shows the adaptive security appliance software version.

Device Uptime—Display only. Shows how long the adaptive security appliance has been running.

ASDM Version—Display only. Shows the ASDM version.

Device Type—Display only. Shows the adaptive security appliance model.

Firewall Mode—Display only. Shows the firewall mode, either Routed or Transparent. See Firewall Mode Overview for more information.

Total Flash—Display only. Shows the total amount of available Flash memory.

Context Mode—Display only. Shows the context mode, either Single or Multiple. See Security Context Overview for more information.

Total Memory—Display only. Shows the total amount of available RAM.

License—Display only. Shows the level of support for licensed features on the adaptive security appliance. Shows the following information:

License—Display only. Shows the type of license, either Base or Premium.

Number of days until a time-based license expires, if applicable.

Inside Hosts—Display only. Shows inside hosts (ASA 5505 only).

Max VLANs—Display only. Shows the maximum number of VLANs allowed.

Failover—Display only. Shows the failover configuration, either Active/Active or Active/Standby.

Security Contexts—Display only. Shows the maximum numbers of security contexts allowed.

Dual ISP Support—Display only. Shows dual ISP support, if enabled (ASA 5505 only).

GTP/GPRS—Display only. Shows whether GTP/GPRS is enabled or disabled.

Encryption—Display only. Shows the type of encryption enabled.

VPN Peers—Display on