03-21-2013 11:01 AM - edited 02-21-2020 04:51 AM
I just received 2 brand new Cisco 5525-X (OS 8.6). I am unable to get any response when I browse to the https://192.168.1.1/Admin and http://192.168.1.1/Admin to pull up the ADSM. I can connect via serial and do SHOW RUN and all of the command via CLI.
I can dhcp an address on the management network - and get a response from pinging the 192.168.1.1.
In the config it does list:
asdm image disk0:asdm-661114.bin
no asdm history enable
http server enable
http 192.168.1.0 255.255.255.0 management
What the heck is going on here? - this should work automatically out of the box
Eric
03-21-2013 11:07 AM
The Web Browsers are displaying
ssl_error_no_cypher_overlap
Error
03-21-2013 11:38 AM
Found this Article http://kb.option-hk.com/?p=259
If you have a new Cisco ASA 5500 and try to connect to the web UI or connect to it using SSLVPN, you may find the connection failed with the following error show in a Firefox browser,
Error code: ssl_error_no_cypher_overlap
Check the out of the command “show run all ssl”
ciscoasa(config)# sh run all ssl
If it shows only the following:
ssl server-version any
ssl client-version any
Run the following command to enable the complete set of encryption algorithm:
ciscoasa(config)#ssl encryption 3des-sha1 des-sha1 rc4-md5 aes128-sha1 aes256-sha1
ciscoasa(config)# sh run all ssl
ssl server-version any
ssl client-version any
ssl encryption 3des-sha1 des-sha1 rc4-md5 aes128-sha1 aes256-sha1
Try again to connect and it may solve your problem.
-------------------------------------------------------------------------------
Basically...... it is shipped broken. Shame on you Cisco.
03-21-2013 07:48 PM
Yes the 8.6 (and 9.x) software began this odd change. I'm not quite sure why but we've taken to remembering a standard procedure of adding a strong cipher to the ssl list when unboxing a new X series. It smells like some regulatory or export compliance move but that's just speculation on my part.
FYI you only need one - aes256-sha1 is the strongest and what I use.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: