Configuration has not been modified since last system restart.
Everytime i try and start the PDM, i get the error that there is a hostname mismatch with certificates.
Now i've tried the following:
1) 5 differant versions of java, from 1.5 and under.
2) Tried delating the key on the router and re-createing it.
Ive been all over the internet checking out lots of other people who had this problem and it seems to relate to java or the cetificates, but i still cant get this working...has anyone got any suggestions ?
Im not a company so dont have a CCO login to maybe uprage the IOS and PDM...I'm more than happy to try and configure things via command line...i just cant stand it when i cant work out why its not working.....
As long as your config looks like this, this is not a FW problem. Perhaps, it could be your PC. Have you tried with another PC, to see if this works fine? I suspect this has something to do with your browser's cookies etc.
asdm image flash:/asdm asdm history enable
http server enable http 10.0.0.0 255.0.0.0 inside
Try this as well;
ca zeroize rsa
ca generate rsa key 768 <-- 1024 and above seems to have compatiblity issue with some browsers.
ca save all
Ramraj Sivagnanam Sivajanam
Technical Specialist/Service Delivery Manager – Managed Service Department
The error-message in question comes when you connect to your pix with a different hostname then what is in the certificate. If you only have the IP-address in the certificate, then you have to use https://184.108.40.206. If you have used a hostname or FQDN, then you have to use that: https://pixfirewall or https://pixfirewall.yourdomain.local. Just change the IP or the names to what you have on your PIX. If you have a name in your certificate you also need to make sure that the name resolves to the correct IP-address.
If you don't know what's in the certificate, I think the command on this plattform was also "show crypto ca certificate". There you need to look at the field "subject".
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...