Solved: ASA5505: No ASDM after erasing the flash

1914aug87 · ‎07-28-2013

Hello,

After erasing the flash from rommon mode (rommon #4> erase disk0:) and copy a new image via tftp everything is ok, but the ASDM won´t work. Here some information:

##############################################

Boot image: asa825-41-k8.bin

ASDM image: asdm-713.bin

ASA5505# sho activation-key

Serial Number: JMXXXXXXXXX

Running Activation Key: 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX 0xXXXXXXXX

Licensed features for this platform:

Maximum Physical Interfaces : 8

VLANs : 3, DMZ Restricted

Inside Hosts : Unlimited

Failover : Disabled

VPN-DES : Enabled

VPN-3DES-AES : Enabled

SSL VPN Peers : 2

Total VPN Peers : 12

Dual ISPs : Disabled

VLAN Trunk Ports : 0

Shared License : Disabled

AnyConnect for Mobile : Disabled

AnyConnect for Cisco VPN Phone : Disabled

AnyConnect Essentials : Disabled

Advanced Endpoint Assessment : Disabled

UC Phone Proxy Sessions : 2

Total UC Proxy Sessions : 2

Botnet Traffic Filter : Disabled

This platform has a Base license.

ASA5505# sh run asdm

asdm image disk0:/asdm-713.bin

no asdm history enable

ASA5505-HD# sh run http

http server enable

http 0.0.0.0 0.0.0.0 <nameif_1>

http 0.0.0.0 0.0.0.0 <nameif_2>

crypto key generate rsa modulus 1024

##############################################

I´ve got a new activation-key for my serial number from cisco. Are there any somer things to do to get my ASDM running.

Thanks!

johnlloyd_13 · ‎07-28-2013

hi,

could you try adding this command:

ssl encryption 3des-sha1 aes128-sha1 rc4-md5 rc4-sha1

View solution in original post

mabuarja · ‎07-28-2013

Hi

please make sure to have all cipher combinations using "ssl encryption" command . you check the current configuration using "show run all ssl".

for further investigations , you can share the below :

"show run asdm"

"show run http"

"show asp table socket"

"show flash | inc .bin"

Kindest Regards,

Mohammad

1914aug87 · ‎07-28-2013

ASA5505# sh run asdm

asdm image disk0:/asdm-713.bin

no asdm history enable

ASA5505# sh run http

http server enable

http 0.0.0.0 0.0.0.0 INSIDE

http 0.0.0.0 0.0.0.0 OUTSIDE

ASA5505# sho asp tabl socket

Protocol Socket Local Address Foreign Address State

SSL 0002e0bf 172.20.50.1:443 0.0.0.0:* LISTEN

SSL 0005402f 10.5.30.1:443 0.0.0.0:* LISTEN

TCP 0009411f 10.5.30.1:22 0.0.0.0:* LISTEN

TCP 000c038f 172.20.50.1:22 0.0.0.0:* LISTEN

ASA5505# show flash | inc .bin

83 27482112 Jul 22 2013 13:16:40 asa912-k8.bin

84 18097844 Jul 25 2013 14:28:28 asdm-713.bin

85 15464448 Jul 25 2013 15:39:34 asa825-41-k8.bin

ASA5505# sh run all ssl

ssl server-version any

ssl client-version any

ssl encryption des-sha1

johnlloyd_13 · ‎07-28-2013

hi,

could you try adding this command:

ssl encryption 3des-sha1 aes128-sha1 rc4-md5 rc4-sha1

Julio Carvajal · ‎07-29-2013

Hello,

Some kudos to John . That should fix the issue....

If it does not let us know

For Networking Posts check my blog at http://www.laguiadelnetworking.com/category/english/

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

johnlloyd_13 · ‎07-29-2013

hi julio,

thanks! i've finally able to decode some simple ASA lines.

hopefully, i could go deeper (now learning pre and post 8.3 NAT) and help everyone on this forum .

1914aug87 · ‎07-30-2013

Looks good to me.

Many thanks for your kind support!