Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5808
Views
10
Helpful
3
Replies

Cannot connect to ASA using https

Go to solution
Fernando Patzlaff
Level 1
Level 1

‎04-20-2010 10:40 AM - edited ‎03-11-2019 10:35 AM

I'm trying to access my box ASA 5540 by https://ipaddress but I can't. I'm using Linux. I already have installed ASDM (when it works) and I can enter in the box by ASDM.

The Mozilla show the message: "Error code: ssl_error_no_cypher_overlap".

But I was looking and I did these tests.

OSInternet Explorer 7 and 8
Mozilla Firefox 3.6
Google Chrome
Linuxdoesn't workdoesn't workdoesn't work
Windows XPWorks Finedoesn't workWorks Fine
Windows Vista / Windows 7doesn't workdoesn't workdoesn't work

I've already clear all configuration of browsers, reboot the box, reboot the machines, re-generate a crypto key on ASA, enable and disable the http server and didn't work.

st02/sec/act# sh run http
http server enable
http 192.168.1.0 255.255.255.0 management
http 0.0.0.0 0.0.0.0 external

st02/sec/act# sh run asdm
asdm image disk0:/asdm-625.bin
asdm history enable

Looking to ASA log it possible see:

6|Apr 20 2010|14:01:19|725001|192.168.100.100|35539|||Starting SSL handshake with client external:172.28.7.94/35539 for TLSv1 session.

Can anyone help with this situation.

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎04-20-2010 02:42 PM

Check the output of: sh run all ssl

Make sure you have all the combinations of ssl encryption algorithm as per the following:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/s8.html#wp1406272

ssl encryption 3des-sha1 des-sha1 rc4-md5 aes128-sha1 aes256-sha1

View solution in original post

3 Replies 3

Go to solution
mvsheik123
Level 7
Level 7

‎04-20-2010 12:40 PM

Hi,

You might checked on this - but just incase, For Mozilla, I found the below...

https://support.mozilla.com/en-US/forum/1/585826

hth

MS

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎04-20-2010 02:42 PM

Check the output of: sh run all ssl

Make sure you have all the combinations of ssl encryption algorithm as per the following:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/s8.html#wp1406272

ssl encryption 3des-sha1 des-sha1 rc4-md5 aes128-sha1 aes256-sha1

Go to solution
Fernando Patzlaff
Level 1
Level 1
In response to Jennifer Halim

‎06-11-2010 12:06 PM

the command

ssl encryption 3des-sha1 des-sha1 rc4-md5 aes128-sha1 aes256-sha1

solve the problem. Thanks!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card