https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4912992#M1103847 <P>Hi guys, it turns out that i'm forbidden to login to sfr due to many login attempts, i tried to reset the password through <STRONG><EM>session sfr do password-reset</EM></STRONG>, i get <STRONG>invalid do command password reset</STRONG></P><P>i couldn't find anyway to login, is there a way to interrupt sfr boot and unlock my account?</P> Mon, 28 Aug 2023 12:12:09 GMT benalihoussem1994 2023-08-28T12:12:09Z https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4911478#M1103785 <P>Hello guys, i'm facing an issue loggign in to asa with firepower module installed on it, yesterday we were applying an access control policy rule, today when i tried to login, ASDM stuck on 28% "authenticating firepower login" then after sometime it bypasses firepower and show only firewall configurations, but i can login when the firewall is standby. i couldn't login to session sfr as well,</P><P>any idea please on how to solve this?</P> Thu, 24 Aug 2023 16:32:09 GMT https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4911478#M1103785 benalihoussem1994 2023-08-24T16:32:09Z https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4911487#M1103786 <P>check the logs - what version of code, if get chance reboot and test it ?</P> Thu, 24 Aug 2023 17:06:28 GMT https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4911487#M1103786 balaji.bandi 2023-08-24T17:06:28Z https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4911617#M1103795 <P>yes tried to reboot but same issue, but while logging in to Firepower, i found these logs,</P><LI-CODE lang="markup">Aug 24 2023 19:11:37: %ASA-7-725012: Device chooses cipher ECDHE-RSA-AES256-GCM-SHA384 for the SSL session with client Inside:192.168.60.21/61002 to 10.1.1.1/443 Aug 24 2023 19:11:37: %ASA-6-725016: Device selects trust-point ASDM_TrustPoint-2022 for client Inside:192.168.60.21/61002 to 10.1.1.1/443 Aug 24 2023 19:11:37: %ASA-6-725002: Device completed SSL handshake with client Inside:192.168.60.21/61002 to 10.1.1.1/443 for TLSv1.2 session Aug 24 2023 19:11:37: %ASA-6-725007: SSL session with client Inside:192.168.60.21/61002 to 10.1.1.1/443 terminated Aug 24 2023 19:11:37: %ASA-6-302014: Teardown TCP connection 581960 for Inside:192.168.60.21/61002 to identity:10.1.1.1/443 duration 0:00:00 bytes 3964 TCP Reset-O from identity Aug 24 2023 19:11:37: %ASA-6-106015: Deny TCP (no connection) from 192.168.60.21/61002 to 10.1.1.1/443 flags FIN ACK on interface Inside Aug 24 2023 19:11:37: %ASA-7-710005: TCP request discarded from 192.168.60.21/61002 to Inside:10.1.1.1/443 Aug 24 2023 19:11:37: %ASA-6-302013: Built inbound TCP connection 581966 for Inside:192.168.60.21/61003 (192.168.60.21/61003) to identity:10.1.1.1/443 (10.1.1.1/443) Aug 24 2023 19:11:37: %ASA-6-725001: Starting SSL handshake with client Inside:192.168.60.21/61003 to 10.1.1.1/443 for unknown session Aug 24 2023 19:11:37: %ASA-6-725003: SSL client Inside:192.168.60.21/61003 to 10.1.1.1/443 request to resume previous session Aug 24 2023 19:11:37: %ASA-6-725002: Device completed SSL handshake with client Inside:192.168.60.21/61003 to 10.1.1.1/443 for TLSv1.2 session Aug 24 2023 19:11:37: %ASA-6-725007: SSL session with client Inside:192.168.60.21/61003 to 10.1.1.1/443 terminated</LI-CODE><P>&nbsp;firepower&nbsp;7.0.3&nbsp; installed on ASA 5516,</P><P>&nbsp;</P> Thu, 24 Aug 2023 20:17:23 GMT https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4911617#M1103795 benalihoussem1994 2023-08-24T20:17:23Z https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4911818#M1103812 <P>We see the Client Terminated on the Logs&nbsp;</P> <P>&nbsp;</P> <LI-CODE lang="markup">firepower 7.0.3 installed on ASA 5516,</LI-CODE> <P>&nbsp;</P> <P>Just to clarify, You have Firepower Service Module installed in ASA running 7.0.3 ?&nbsp; or You have Firepower re-imaged on ASA&nbsp; Model ?</P> <P>ASA&nbsp; code Managed by ASDM</P> <P>Firepower image (FTD) - Managed by FDM or FMC</P> <P>&nbsp;</P> <LI-CODE lang="markup">but i can login when the firewall is standby.</LI-CODE> <P>&nbsp;</P> <P>Why not Failover and check is this accessed by ASDM ?</P> <P>On the primary if you able to Logging using SSH - can you post below output&nbsp;</P> <P>show version</P> <P>show module&nbsp;</P> <P>show module sfr detail</P> <P>what outcome you get when you login from console to #session sfr console ?</P> Fri, 25 Aug 2023 07:10:25 GMT https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4911818#M1103812 balaji.bandi 2023-08-25T07:10:25Z https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4911904#M1103821 <P>Hi,</P><P>ASA version 9.16</P><P>ASDM version 7.16(1)150</P><P>yes when the firwall is on standby i can access ASDM normally.&nbsp;<BR />here's the output</P><P>sh version:</P><P>&nbsp;</P><P>&nbsp;</P><P>show module</P><P>&nbsp;</P><P>&nbsp;</P><P>Show module sfr details:</P><P>&nbsp;</P><P>&nbsp;</P><P>I get login incorrect when i try session sfr</P><P>&nbsp;</P> Wed, 30 Aug 2023 14:05:55 GMT https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4911904#M1103821 benalihoussem1994 2023-08-30T14:05:55Z https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4911981#M1103828 <P>Hello,</P><P>Asdm version: 7.16(1)150</P><P>ASA version: 9.16</P><P>Firepower version: 7.0.3</P><P>I now lost login to firepower on standby ASA, tried failover and also</P><P>Below requested output:</P><P>Show version:</P><P>&nbsp;</P><P>&nbsp;</P><P>Sh module:</P><P>&nbsp;</P><P>&nbsp;</P><P>Show module sfr detail</P><P>&nbsp;</P><P>&nbsp;</P><P>does firepower lockout users after failed logins?</P><P>session sfr fails to login also.</P><P>&nbsp;</P> Wed, 30 Aug 2023 13:24:31 GMT https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4911981#M1103828 benalihoussem1994 2023-08-30T13:24:31Z https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4912992#M1103847 <P>Hi guys, it turns out that i'm forbidden to login to sfr due to many login attempts, i tried to reset the password through <STRONG><EM>session sfr do password-reset</EM></STRONG>, i get <STRONG>invalid do command password reset</STRONG></P><P>i couldn't find anyway to login, is there a way to interrupt sfr boot and unlock my account?</P> Mon, 28 Aug 2023 12:12:09 GMT https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4912992#M1103847 benalihoussem1994 2023-08-28T12:12:09Z https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4916549#M1103969 <P>Hello,</P><P>Issue is solved, we found the last password used for sfr module and we were able to login again.</P><P>&nbsp;</P> Sat, 02 Sep 2023 12:55:09 GMT https://community.cisco.com/t5/network-security/cannot-login-to-firepower-from-asdm/m-p/4916549#M1103969 benalihoussem1994 2023-09-02T12:55:09Z