cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


194
Views
0
Helpful
3
Replies
Beginner

Unable To Launch Device Manager From x.x.x.x

Hello Community!

I'm sure you've herd this a thousand times before but I've got an issue with an ASA on which ASDM doesn't work. It will not load from either ASDM launcher or any web browser. I'm attaching some pics to show you the errors. Chrome indicates an SSL version or chiper mismatch. I've altered the logs to show SSL negotiation and attached the logs showing what happens at the time of the HTTPS/SSL connection. The crunch point is the following line in the logs, which I have no idea what its trying to tell me: 

SSL lib error. Function: SSL3_GET_RECORD Reason: wrong version number

Google doesn't tell me much about this. Does anyone know what this means?  You can see the both endpoints agree a cipher to use [AES128-SHA] so I'm not sure what the problem is. I'm stumped. My SSL configuration on the ASA is as follows:

FW01/pri/act/admin# show run all ssl

ssl server-version tlsv1

ssl client-version tlsv1-only

ssl encryption aes128-sha1

FW01/pri/act/admin#

Any ideas?

1 ACCEPTED SOLUTION

Accepted Solutions
Beginner

Re: Unable To Launch Device Manager From x.x.x.x

Hi All, 

I've fixed it by entering the following global configuration command:
MY-ASA(config)# ssl server-version any

WARNING: SSLv3 is deprecated. Use of TLSv1 is recommended.
MY-ASA(config)# end

MY-ASA#

ASDM now launches fine from either the web browser or ASDM Launcher.

Hope this helps someone else out there. 

3 REPLIES 3
Highlighted
VIP Engager

Re: Unable To Launch Device Manager From x.x.x.x

Hi,

Did you verify that SSL version 3  (including SSL 1.1 and 2) is enabled on the system?

 

Regards,
Deepak Kumar,
Resume duty after a long holiday
Beginner

Re: Unable To Launch Device Manager From x.x.x.x

How do I verify this Kumar? 

Beginner

Re: Unable To Launch Device Manager From x.x.x.x

Hi All, 

I've fixed it by entering the following global configuration command:
MY-ASA(config)# ssl server-version any

WARNING: SSLv3 is deprecated. Use of TLSv1 is recommended.
MY-ASA(config)# end

MY-ASA#

ASDM now launches fine from either the web browser or ASDM Launcher.

Hope this helps someone else out there.