10-15-2012 12:20 AM - edited 03-11-2019 05:08 PM
Hi,
I have an ASA with three different asdm's loaded on the flash, running on 8.32-k8.bin ios.
asdm-634.bin
asdm-645.bin
asdm-649-103.bin
When i try opening via ASDM, it throughs the error " Unable to launch the application "
I have the below commands configured in asa,
http server enable
http 10.0.0.0 255.0.0.0 inside
asdm image disk0:/asdm-645.bin
Current BOOT variable = disk0:/asa832-k8.bin;disk0:/asa823-k8.bin
Please see the debug info when i tried login,
bej5505fw01# HTTP: processing handoff to legacy admin server [/]
HTTP: session verified = [0]
HTTP: processing GET URL '/' from host 10.103.154.213
HTTP: redirecting to: /admin/public/index.html
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/index.html' from host 10.103.154.213
HTTP: authentication not required
HTTP: sending file: public/index.html, length: 6725
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/cisco.gif' from host 10.103.154.213
HTTP: authentication not required
HTTP: file not modified: public/cisco.gif
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/asa-pix.gif' from host 10.103.154.213
HTTP: authentication not required
HTTP: file not modified: public/asa-pix.gif
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/asdm.jnlp' from host 10.103.154.213
HTTP: authentication not required
HTTP: sending file: public/asdm.jnlp, length: 1441 bej5505fw01# HTTP: processing handoff to legacy admin server [/]
HTTP: session verified = [0]
HTTP: processing GET URL '/' from host 10.103.154.213
HTTP: redirecting to: /admin/public/index.html
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/index.html' from host 10.103.154.213
HTTP: authentication not required
HTTP: sending file: public/index.html, length: 6725
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/cisco.gif' from host 10.103.154.213
HTTP: authentication not required
HTTP: file not modified: public/cisco.gif
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/asa-pix.gif' from host 10.103.154.213
HTTP: authentication not required
HTTP: file not modified: public/asa-pix.gif
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/asdm.jnlp' from host 10.103.154.213
HTTP: authentication not required
HTTP: sending file: public/asdm.jnlp, length: 1441
From the PC i have cleared the cache, SSL cert, cookies and history. but still no luck. Can anyone please help me on this ?
Solved! Go to Solution.
10-16-2012 05:37 AM
Hello,
Good,
Now do the following
ssl encryption aes256-sha1 des-sha1 3des-sha1
Then give it a try
Remember to rate all of the support answers, this is why we are here.. Just mark the stars on the bottom of each answer.
Regards,
10-15-2012 10:49 AM
Hello,
What is the java version you are running on the PC?
Can you do the following as well
cap asp type asp drop all circular-bruffer
then try to connect and provide:
show cap asp | include 10.103.154.213
Any other question..Sure..Just remember to rate all the helpful posts.
Regards,
Julio
10-15-2012 11:04 PM
Hi Julio,
Thanks for the reply. I was using Java 5 and recently upgraded to 7 because of this issue.
It is not prompting for username and password, It throws the error before that "unable to load application"
As requested, Please see the below capture.
bej5505fw01(config)# show cap asp | include 10.103.154.213
586: 05:58:08.614287 802.1Q vlan#1 P0 10.103.154.213.3883 > 10.102.48.2.443: F 3020129898:3020129898(0) ack 3841894189 win 65528
Cheers
Ram
10-16-2012 05:12 AM
Hello,
So you had the issue while ussing java 5??? Is that correct? Are you 100 % sure of that??
I am asking that because there are known issues with ASDM while using java version 7.
Can you provide me the following:
show run ssl
Any other question..Sure..Just remember to rate all the helpful posts.
10-16-2012 05:24 AM
Hi,
Yes, I had issues while using Java 5. So i updated it to version 7.
bej5505fw01# sh run ssl
ssl encryption des-sha1
10-16-2012 05:26 AM
Hello Ramkumar,
Okay...
Do the following for me:
Show version and provide me the output
We are getting closer already know what is the issue
Regards,
Julio
03-13-2014 01:19 PM
Hi Julio:
I am having the same issue, but after running the command ssl encryption aes256-sha1 des-sha1 3des-sha1, it didn't fix my issue.
I did debug http, and it gives me the following message:
sec/act(config)# listen: Received HTTP request.
Started http listen on interface MGMT port 443
HTTP: processing GET URL '/admin/public/index.html' from host 10.1.16.255
HTTP: authentication not required
HTTP: file not found: public/index.html
Any help is appreciated.
10-16-2012 05:28 AM
Here you go...
bej5505fw01# sh ver
Cisco Adaptive Security Appliance Software Version 8.3(2)
Device Manager Version 6.4(5)
Compiled on Fri 30-Jul-10 17:49 by builders
System image file is "disk0:/asa832-k8.bin"
Config file at boot was "startup-config"
bej5505fw01 up 4 days 1 hour
Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW080 @ 0xfff00000, 1024KB
Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.06
0: Int: Internal-Data0/0 : address is 0023.33cd.ffcb, irq 11
1: Ext: Ethernet0/0 : address is 0023.33cd.ffc3, irq 255
2: Ext: Ethernet0/1 : address is 0023.33cd.ffc4, irq 255
3: Ext: Ethernet0/2 : address is 0023.33cd.ffc5, irq 255
4: Ext: Ethernet0/3 : address is 0023.33cd.ffc6, irq 255
5: Ext: Ethernet0/4 : address is 0023.33cd.ffc7, irq 255
6: Ext: Ethernet0/5 : address is 0023.33cd.ffc8, irq 255
7: Ext: Ethernet0/6 : address is 0023.33cd.ffc9, irq 255
8: Ext: Ethernet0/7 : address is 0023.33cd.ffca, irq 255
9: Int: Internal-Data0/1 : address is 0000.0003.0002, irq 255
10: Int: Not used : irq 255
11: Int: Not used : irq 255
Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
VLANs : 3 DMZ Restricted
Dual ISPs : Disabled perpetual
VLAN Trunk Ports : 0 perpetual
Inside Hosts : Unlimited perpetual
Failover : Disabled perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
SSL VPN Peers : 2 perpetual
Total VPN Peers : 10 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
AnyConnect Essentials : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Enabled 460 days
Intercompany Media Engine : Disabled perpetual
This platform has a Base license.
Serial Number: JMX1245Z1TF
Running Permanent Activation Key: 0x173ccb69 0x4cf555d3 0x10230dcc 0xb6a8580c 0x8f0616bb
Running Timebased Activation Key: 0x3a1bf4e2 0xa175ee9d 0x25bb0a5f 0xe7dff0cb 0xc3b50abe
Configuration register is 0x1
Configuration last modified by hartmannj at 07:05:48.057 UTC Mon Oct 15 2012
10-16-2012 05:37 AM
Hello,
Good,
Now do the following
ssl encryption aes256-sha1 des-sha1 3des-sha1
Then give it a try
Remember to rate all of the support answers, this is why we are here.. Just mark the stars on the bottom of each answer.
Regards,
10-16-2012 05:44 AM
You are the MAN...
It is working now, how did you identify the issue ?
10-16-2012 05:49 AM
Hello Ramkumar,
Long time working on cases like this
With issues like this I start with the basics:
- Check the ASDM image is in flash
-Check the http server service on the asa is enabled for the right subnets
-Check the java version
-Check the ssl encryption algorithm used by the asa ( and here is where your problem was, as you were using a poor encryption algorithm different from what the client was trying to use, so as soon as we changed the client and server were able to negotiate and maintain the TLS/SSL session)
Hope this helps,
Julio
10-16-2012 05:53 AM
Great, Thanks a lot Julio.
Do Keep in touch, my Facebook ID ramuccna@gmail.com if interested just send an invite.
Thanks for your time mate.
Cheers
Ram
10-16-2012 06:03 AM
Hello,
Sure, my pleasure
Regards
11-22-2017 09:33 AM
Hi dear,
any reason you see why its not working for me .
HTTP: processing GET URL '/admin/public/jploader.jar' from host 10.202.10.33
HTTP: authentication not required
HTTP: sending file: public/jploader.jar, length: 67324
HTTP: processing GET URL '/admin/public/dm-launcher.jar' from host 10.202.10.33
HTTP: authentication not required
HTTP: sending file: public/dm-launcher.jar, length: 105006
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/lzma.jar' from host 10.202.10.33
HTTP: authentication not required
HTTP: sending file: public/lzma.jar, length: 9326
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/retroweaver-rt-2.0.jar' from host 10.202.10.33
HTTP: authentication not required
HTTP: sending file: public/retroweaver-rt-2.0.jar, length: 110994
HTTP: session verified = [0]
HTTP: processing GET URL '/admin/public/asdm32.gif' from host 10.202.10.33
HTTP: authentication not required
HTTP: file not modified: public/asdm32.gif
04-10-2015 01:05 PM
Fixed my issue too. I had recently removed an old certificate and added a new one and during the process it added the line " SSL encryption aes256-sha1", which wasn't there before. After adding the full line "ssl encryption aes256-sha1 des-sha1 3des-sha1" it worked. Thanks! 2 hours spent trying to figure out the problem.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide