Filter
Top Products
B-13
Cisco ASDM User Guide
OL-16647-01
Appendix B Troubleshooting
Common Problems
User's Identity not Preserved Across Contexts
If your network will be organized into multiple contexts, be aware that, when changing contexts, the user
identity is not preserved. The user becomes a default (enable_15) user in the new context, with
Administrative access (privilege level 15 access).
Common Problems
This section describes common problems with the security appliance, and how you might resolve them.
Symptom ASDM screen becomes blank when you click Configure.
Possible Cause CSDM failed due to the data.xml file.
Recommended Action Click Refresh.
Symptom The context configuration was not saved, and was lost when you reloaded.
Possible Cause You did not save each context within the context execution space. If you are
configuring contexts at the command line, you did not save the current context before you changed
to the next context.
Recommended Action Save each context within the context execution space using the copy run start
command. You cannot save contexts from the system execution space.
Symptom You cannot make a Telnet or SSH connection to the security appliance interface.
Possible Cause You did not enable Telnet or SSH to the security appliance.
Recommended Action Enable Telnet or SSH to the security appliance.
Symptom You cannot ping the security appliance interface.
Possible Cause You disabled ICMP to the security appliance.
Recommended Action Enable ICMP to the security appliance for your IP address using the icmp
command.
Symptom You cannot ping through the security appliance, although the access list allows it.
Possible Cause You did not enable the ICMP inspection engine or apply access lists on both the
ingress and egress interfaces.
Recommended Action Because ICMP is a connectionless protocol, the security appliance does not
automatically allow returning traffic through. In addition to an access list on the ingress interface,
you either need to apply an access list to the egress interface to allow replying traffic, or enable the
ICMP inspection engine, which treats ICMP connections as stateful connections.