Cannot connect to ASA using https

Answered Question
Apr 20th, 2010

I'm trying to access my box ASA 5540 by https://ipaddress but I can't. I'm using Linux. I already have installed ASDM (when it works) and I can enter in the box by ASDM.

The Mozilla show the message: "Error code: ssl_error_no_cypher_overlap".

But I was looking and I did these tests.

OSInternet Explorer 7 and 8
Mozilla Firefox 3.6
Google Chrome
Linuxdoesn't workdoesn't workdoesn't work
Windows XPWorks Finedoesn't workWorks Fine
Windows Vista / Windows 7doesn't workdoesn't workdoesn't work

I've already clear all configuration of browsers, reboot the box, reboot the machines, re-generate a crypto key on ASA, enable and disable the http server and didn't work.

st02/sec/act# sh run http
http server enable
http management
http external

st02/sec/act# sh run asdm
asdm image disk0:/asdm-625.bin
asdm history enable

Looking to ASA log it possible see:

6|Apr 20 2010|14:01:19|725001||35539|||Starting SSL handshake with client external: for TLSv1 session.

Can anyone help with this situation.

Correct Answer by Jennifer Halim about 6 years 10 months ago

Check the output of: sh run all ssl

Make sure you have all the combinations of ssl encryption algorithm as per the following:

ssl encryption 3des-sha1 des-sha1 rc4-md5 aes128-sha1 aes256-sha1

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Fernando Patzlaff Fri, 06/11/2010 - 12:06

the command

ssl encryption 3des-sha1 des-sha1 rc4-md5 aes128-sha1 aes256-sha1

solve the problem. Thanks!


This Discussion