This document describes the issue faced by an user with ASDM.
User have recently upgraded his spare ASA 5510 router to version 9.1(3) with ASDM image Version 7.1(5)100. The client user is attempting to run the ASDM launcher on is Windows 7 x64 running the latest version of Java (7 update5).
He/She is able to get to the main screen when he/she https to the device. He/She can install the ASDM launcher, but once he/she enter the host-name and Password he/she receive the following error "Unable to launch Device Manager 192.168.X.XXX"
User have gone through a check list and he/she confirm the following:
3des-sha1 license is enabled
HTTP server is enabled for my clients subnet
ssl encryption is enabled
Tried Firefox and IE10
When he/she attempt to run the ASDM via the browser user get as far as asking for the password and although the initial prompt seems to accept it, another authentication box appears asking for it over and over again in an endless loop. The box was previously flashed back to factory-default before I then applied the configuration from scratch (based on the config of our live ASA 5510).
ASDM image: V 7.1(5)100
output of "show run all ssl"
CISCO-ASA-1(config)# show run all ssl ssl server-version any ssl client-version any ssl encryption rc4-md5 rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1 ssl certificate-authentication fca-timeout 2
Please add the following command on the ASA and then test. aaa authentication http console LOCAL
Along with that , there should be a username and password in ASA's local database. So try to configure following command and then check: username cisco password cisco
User follows the below mentioned steps and add an exception in Java for the ASDM IP address because he/she have been seeing issues after JAVA 7 update 51. Please follow the below steps and the check if it works for you.
Add a security exception for the ASA in the Java Control Panel, so that you could launch the current ASDM image and upgrade it from within ASDM:
Open Java Control Panel on Windows: Start > Control Panel > Java Control Panel on Mac: click on Java icon in System Preferences Go to the Security tab: In the Exception Site List section at the bottom, click Edit Site List and add the ASA you want to manage with ASDM.
https://>IP address of the ASA
User need to export self-signed certificates from each of his ASAs and then imported them into the "secure site" section in Java console (the "trusted certificates" section did not work). User have seen this previously for another java application as well. This was with ASDM 7.1(5)100 and Java version 7 update 51.