Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASDM Problems

Hi everone,

I recently bought an all brand new ASA 5510 and it is here by my side. I'm trying to configure it but when entering https://192.168.1.1/admin I get Page Not Found error on IE. I'm able to ping 192.168.1.1 and have success telnet 443 port.

Any idea?

Regards.             

Everyone's tags (4)
2 ACCEPTED SOLUTIONS

Accepted Solutions
Red

Re: ASDM Problems

Hi Caio,

Apart from checking the Java version, you do necessarily need to add these on the ASA:

ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1

and

crypto key rsa generate modulus 1024

It should work after this.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks, Varun Rao Security Team, Cisco TAC

ASDM Problems

Hello Caio,

Please add the following command, this should do it

ssl encryption aes256-sha1 aes128-sha1 3des-sha1

Rate all the helpful post

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
13 REPLIES
Red

ASDM Problems

Hi Caio,

Can you please share an output of:

show run asdm

show run http

show crypto key mypubkey rsa

show run all ssl

You can also follow this doc for troubleshooting:

https://supportforums.cisco.com/docs/DOC-15016

Hope this helps.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks, Varun Rao Security Team, Cisco TAC
New Member

ASDM Problems

Hi Varun,

sh run http:

http server enable

http 192.168.1.0 255.255.255.0 management

sh run all ssl:

ssl server-version any

ssl client-version any

ssl encryption des-sha1

The other two return nothing.

Thanks!

Hall of Fame Super Silver

ASDM Problems

I assume you are plugged directly into the Mgmt Ethernet port and getting a DHCP address from the ASA (or have manually assigned yourself one in the 192.168.1.0/24 network).

Can you check the output (from console) of "show activation-key"? Look for the 3DES/AES license to be active.

I have seen issue with updated browsers not working with ASDM due to the encryption expected by the browser's security settings not being active on the ASA. It is a free upgrade - go to www.cisco.com/go/licensing to get an activation key for 3DES/AES.

New Member

ASDM Problems

Hi Marvin

VPN-3DES-AES                   : Disabled

Is this one?

Thanks!

Red

ASDM Problems

Hi Caio,

Yes, as correctly mentioned by Marvin, you would need a 3DES license for it, but its not an issue, you can generate free license from  this site:

https://tools.cisco.com/SWIFT/LicensingUI/loadDemoLicensee?FormId=139

Hope that helps.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks, Varun Rao Security Team, Cisco TAC
New Member

ASDM Problems

Hi,

Thanks for helping. I added the license but the problem keeps happening.

Red

ASDM Problems

Then  can you please share teh outputs I requested

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks, Varun Rao Security Team, Cisco TAC
New Member

ASDM Problems

Sorry, I replied this on your post. Here goes again:

Hi Varun,

sh run http:

http server enable

http 192.168.1.0 255.255.255.0 management

sh run all ssl:

ssl server-version any

ssl client-version any

ssl encryption des-sha1

The other two return nothing.

Thanks!

ASDM Problems

Hi Bro

Do you have the latest java version from www.java.com installed on your workstation that's directly connected to the Management 0/0 interface? Furthermore, please do remove the proxy settings in your Internet Browser. Is this issue happening to all workstations when trying to access the ASDM or only your workstation?

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department
New Member

ASDM Problems

Hi,

Going to try other CPU and updating my Java.

Thanks for the tip!

Red

Re: ASDM Problems

Hi Caio,

Apart from checking the Java version, you do necessarily need to add these on the ASA:

ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1

and

crypto key rsa generate modulus 1024

It should work after this.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks, Varun Rao Security Team, Cisco TAC

ASDM Problems

Hello Caio,

Please add the following command, this should do it

ssl encryption aes256-sha1 aes128-sha1 3des-sha1

Rate all the helpful post

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

ASDM Problems

Thanks Varun and jcarvaja!

Both answers correct.

896
Views
24
Helpful
13
Replies
CreatePlease to create content