Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Cipher suite different from browser and PIX firewall.How to approach this?

Hello

When trying to access ASDM via web browser [IE version 5].I am seeing following SSL error. Any pointers will be helpful?How do i change cipher suite on the browser.ON pix there are only limited set.

Thanks

Sailendra

pixfirewall# %PIX-6-609001: Built local-host inside:10.0.50.34

%PIX-6-609001: Built local-host NP Identity Ifc:10.0.50.32

%PIX-6-302013: Built inbound TCP connection 430 for inside:10.0.50.34/1282 (10.0.50.34/1282) to NP Identity Ifc:10.0.50.32/443 (10.0.50.32/443)

%PIX-7-710002: TCP access permitted from 10.0.50.34/1282 to inside:10.0.50.32/https

%PIX-6-725001: Starting SSL handshake with client inside:10.0.50.34/1282 for TLSv1 session.

%PIX-7-725010: Device supports the following 5 cipher(s).

%PIX-7-725011: Cipher[1] : AES256-SHA

%PIX-7-725011: Cipher[2] : AES128-SHA

%PIX-7-725011: Cipher[3] : DES-CBC3-SHA

%PIX-7-725011: Cipher[4] : DES-CBC-SHA

%PIX-7-725011: Cipher[5] : RC4-MD5

%PIX-7-725008: SSL client inside:10.0.50.34/1282 proposes the following 5 cipher(s).

%PIX-7-725011: Cipher[1] : EXP1024-RC4-SHA

%PIX-7-725011: Cipher[2] : EXP1024-DES-CBC-SHA

%PIX-7-725011: Cipher[3] : EXP-RC4-MD5

%PIX-7-725011: Cipher[4] : EXP-RC2-CBC-MD5

%PIX-7-725011: Cipher[5] : EXP1024-DHE-DSS-DES-CBC-SHA

%PIX-7-725014: SSL lib error. Function: SSL3_GET_CLIENT_HELLO Reason: no shared cipher

%PIX-6-725006: Device failed SSL handshake with inside client:10.0.50.34/1282

%PIX-6-302014: Teardown TCP connection 430 for inside:10.0.50.34/1282 to NP Identity Ifc:10.0.50.32/443 duration 0:00:00 bytes 55 TCP FINs

%PIX-6-609002: Teardown local-host inside:10.0.50.34 duration 0:00:00

%PIX-6-609002: Teardown local-host NP Identity Ifc:10.0.50.32 duration 0:00:00

389
Views
0
Helpful
0
Replies
CreatePlease to create content