unable to load admin page asa 5512

Kenny McLean · ‎04-16-2014

Hi,

I have a new ASA 5512-X, out-of-the-box, which I am unable to open the admin web page on.

Laptop - Lenovo Windows 7 64 bit

Browsers - Firefox 28 & IE 11

Java is installed and correct vesrions

ASDM on the 5512 - asdm-66114.bin

ASA Ver - asa861-2-smp-k8.bin

https is enabled and I'm using IP addresses that are allowed connectivity to the 5512

When i browse to https://192.168.1.1/admin I am presented with a certificate error as expected, I accept the certificate, then the page hangs. This happens on both Firefox and IE.

Wireshark shows the TCP 3-way handshake and the TLS/SSL negotiation which is then immediately followed by the 5512 sending SSL data then a FIN,PSH,ACK packet back to my PC. then a load of TCP retransmits from both my PC and the 5512.

Now, I tried a different PC (Dell), same OS, same ver of Firefox but IE ver.9, and did not have any problems being presented with the 'Run ASDM Wizard' page.

Has anyone had a similar issue? Has anyone please got any idea what config on my PC may be at fault?

Many thanks for any suggestions and help.

Cheers

Marvin Rhoads · ‎04-27-2014

Please have a look at the ssl settings on the ASA: "show run | i ssl".

You may not have strong ciphers enabled and the PC with the newer browser does not accept the default weak ciphers. I make it a habit to setup ASAs with:

ssl encryption 3des-sha1 aes128-sha1 aes256-sha1 rc4-md5

Those are all strong ciphers.