10-15-2012 12:20 AM - edited 03-11-2019 05:08 PM
Hi,
I have an ASA with three different asdm's loaded on the flash, running on 8.32-k8.bin ios.
asdm-634.bin
asdm-645.bin
asdm-649-103.bin
When i try opening via ASDM, it throughs the error " Unable to launch the application "
I have the below commands configured in asa,
http server enable
http 10.0.0.0 255.0.0.0 inside
asdm image disk0:/asdm-645.bin
Current BOOT variable = disk0:/asa832-k8.bin;disk0:/asa823-k8.bin
Please see the debug info when i tried login,
bej5505fw01# HTTP: processing handoff to legacy admin server [/]
HTTP: session verified = [0]
HTTP: processing GET URL '/' from host 10.103.154.213
HTTP: redirecting to: /admin/public/index.html
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/index.html' from host 10.103.154.213
HTTP: authentication not required
HTTP: sending file: public/index.html, length: 6725
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/cisco.gif' from host 10.103.154.213
HTTP: authentication not required
HTTP: file not modified: public/cisco.gif
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/asa-pix.gif' from host 10.103.154.213
HTTP: authentication not required
HTTP: file not modified: public/asa-pix.gif
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/asdm.jnlp' from host 10.103.154.213
HTTP: authentication not required
HTTP: sending file: public/asdm.jnlp, length: 1441 bej5505fw01# HTTP: processing handoff to legacy admin server [/]
HTTP: session verified = [0]
HTTP: processing GET URL '/' from host 10.103.154.213
HTTP: redirecting to: /admin/public/index.html
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/index.html' from host 10.103.154.213
HTTP: authentication not required
HTTP: sending file: public/index.html, length: 6725
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/cisco.gif' from host 10.103.154.213
HTTP: authentication not required
HTTP: file not modified: public/cisco.gif
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/asa-pix.gif' from host 10.103.154.213
HTTP: authentication not required
HTTP: file not modified: public/asa-pix.gif
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/asdm.jnlp' from host 10.103.154.213
HTTP: authentication not required
HTTP: sending file: public/asdm.jnlp, length: 1441
From the PC i have cleared the cache, SSL cert, cookies and history. but still no luck. Can anyone please help me on this ?
Solved! Go to Solution.
10-16-2012 05:37 AM
Hello,
Good,
Now do the following
ssl encryption aes256-sha1 des-sha1 3des-sha1
Then give it a try
Remember to rate all of the support answers, this is why we are here.. Just mark the stars on the bottom of each answer.
Regards,
10-15-2012 10:49 AM
Hello,
What is the java version you are running on the PC?
Can you do the following as well
cap asp type asp drop all circular-bruffer
then try to connect and provide:
show cap asp | include 10.103.154.213
Any other question..Sure..Just remember to rate all the helpful posts.
Regards,
Julio
10-15-2012 11:04 PM
Hi Julio,
Thanks for the reply. I was using Java 5 and recently upgraded to 7 because of this issue.
It is not prompting for username and password, It throws the error before that "unable to load application"
As requested, Please see the below capture.
bej5505fw01(config)# show cap asp | include 10.103.154.213
586: 05:58:08.614287 802.1Q vlan#1 P0 10.103.154.213.3883 > 10.102.48.2.443: F 3020129898:3020129898(0) ack 3841894189 win 65528
Cheers
Ram
10-16-2012 05:12 AM
Hello,
So you had the issue while ussing java 5??? Is that correct? Are you 100 % sure of that??
I am asking that because there are known issues with ASDM while using java version 7.
Can you provide me the following:
show run ssl
Any other question..Sure..Just remember to rate all the helpful posts.
10-16-2012 05:24 AM
Hi,
Yes, I had issues while using Java 5. So i updated it to version 7.
bej5505fw01# sh run ssl
ssl encryption des-sha1
10-16-2012 05:26 AM
Hello Ramkumar,
Okay...
Do the following for me:
Show version and provide me the output
We are getting closer already know what is the issue
Regards,
Julio
03-13-2014 01:19 PM
Hi Julio:
I am having the same issue, but after running the command ssl encryption aes256-sha1 des-sha1 3des-sha1, it didn't fix my issue.
I did debug http, and it gives me the following message:
sec/act(config)# listen: Received HTTP request.
Started http listen on interface MGMT port 443
HTTP: processing GET URL '/admin/public/index.html' from host 10.1.16.255
HTTP: authentication not required
HTTP: file not found: public/index.html
Any help is appreciated.
10-16-2012 05:28 AM
Here you go...
bej5505fw01# sh ver
Cisco Adaptive Security Appliance Software Version 8.3(2)
Device Manager Version 6.4(5)
Compiled on Fri 30-Jul-10 17:49 by builders
System image file is "disk0:/asa832-k8.bin"
Config file at boot was "startup-config"
bej5505fw01 up 4 days 1 hour
Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW080 @ 0xfff00000, 1024KB
Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.06
0: Int: Internal-Data0/0 : address is 0023.33cd.ffcb, irq 11
1: Ext: Ethernet0/0 : address is 0023.33cd.ffc3, irq 255
2: Ext: Ethernet0/1 : address is 0023.33cd.ffc4, irq 255
3: Ext: Ethernet0/2 : address is 0023.33cd.ffc5, irq 255
4: Ext: Ethernet0/3 : address is 0023.33cd.ffc6, irq 255
5: Ext: Ethernet0/4 : address is 0023.33cd.ffc7, irq 255
6: Ext: Ethernet0/5 : address is 0023.33cd.ffc8, irq 255
7: Ext: Ethernet0/6 : address is 0023.33cd.ffc9, irq 255
8: Ext: Ethernet0/7 : address is 0023.33cd.ffca, irq 255
9: Int: Internal-Data0/1 : address is 0000.0003.0002, irq 255
10: Int: Not used : irq 255
11: Int: Not used : irq 255
Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
VLANs : 3 DMZ Restricted
Dual ISPs : Disabled perpetual
VLAN Trunk Ports : 0 perpetual
Inside Hosts : Unlimited perpetual
Failover : Disabled perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
SSL VPN Peers : 2 perpetual
Total VPN Peers : 10 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
AnyConnect Essentials : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Enabled 460 days
Intercompany Media Engine : Disabled perpetual
This platform has a Base license.
Serial Number: JMX1245Z1TF
Running Permanent Activation Key: 0x173ccb69 0x4cf555d3 0x10230dcc 0xb6a8580c 0x8f0616bb
Running Timebased Activation Key: 0x3a1bf4e2 0xa175ee9d 0x25bb0a5f 0xe7dff0cb 0xc3b50abe
Configuration register is 0x1
Configuration last modified by hartmannj at 07:05:48.057 UTC Mon Oct 15 2012
10-16-2012 05:37 AM
Hello,
Good,
Now do the following
ssl encryption aes256-sha1 des-sha1 3des-sha1
Then give it a try
Remember to rate all of the support answers, this is why we are here.. Just mark the stars on the bottom of each answer.
Regards,
10-16-2012 05:44 AM
You are the MAN...
It is working now, how did you identify the issue ?
10-16-2012 05:49 AM
Hello Ramkumar,
Long time working on cases like this
With issues like this I start with the basics:
- Check the ASDM image is in flash
-Check the http server service on the asa is enabled for the right subnets
-Check the java version
-Check the ssl encryption algorithm used by the asa ( and here is where your problem was, as you were using a poor encryption algorithm different from what the client was trying to use, so as soon as we changed the client and server were able to negotiate and maintain the TLS/SSL session)
Hope this helps,
Julio
10-16-2012 05:53 AM
Great, Thanks a lot Julio.
Do Keep in touch, my Facebook ID ramuccna@gmail.com if interested just send an invite.
Thanks for your time mate.
Cheers
Ram
10-16-2012 06:03 AM
Hello,
Sure, my pleasure
Regards
11-22-2017 09:33 AM
Hi dear,
any reason you see why its not working for me .
HTTP: processing GET URL '/admin/public/jploader.jar' from host 10.202.10.33
HTTP: authentication not required
HTTP: sending file: public/jploader.jar, length: 67324
HTTP: processing GET URL '/admin/public/dm-launcher.jar' from host 10.202.10.33
HTTP: authentication not required
HTTP: sending file: public/dm-launcher.jar, length: 105006
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/lzma.jar' from host 10.202.10.33
HTTP: authentication not required
HTTP: sending file: public/lzma.jar, length: 9326
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/retroweaver-rt-2.0.jar' from host 10.202.10.33
HTTP: authentication not required
HTTP: sending file: public/retroweaver-rt-2.0.jar, length: 110994
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/asdm32.gif' from host 10.202.10.33
HTTP: authentication not required
HTTP: file not modified: public/asdm32.gif
04-10-2015 01:05 PM
Fixed my issue too. I had recently removed an old certificate and added a new one and during the process it added the line " SSL encryption aes256-sha1", which wasn't there before. After adding the full line "ssl encryption aes256-sha1 des-sha1 3des-sha1" it worked. Thanks! 2 hours spent trying to figure out the problem.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: