Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1736
Views
0
Helpful
6
Replies

ASDM not working anymore

ciscocase
Level 1
Level 1

‎10-25-2018 06:30 AM - edited ‎02-21-2020 08:23 AM

Hello,

 

rebooted my asa 5506x today. After that I am not able to connect to ASDM anymore.

 

Unable to launch device manager from ...

 

Logfile shows:

Oct 25 15:28:12 172.16.1.46 %ASA-6-725001: Starting SSL handshake with client outside:172.16.7.150/51084 to 172.16.1.46/443 for TLS session
Oct 25 15:28:12 172.16.1.46 %ASA-6-725006: Device failed SSL handshake with client outside:172.16.7.150/51084 to 172.16.1.46/443
Oct 25 15:28:12 172.16.1.46 %ASA-6-302014: Teardown TCP connection 8264 for outside:172.16.7.150/51084 to identity:172.16.1.46/443 duration 0:00:00 bytes 0 TCP Reset by appliance

 

 sh run all ssl
ssl server-version tlsv1
ssl client-version tlsv1
ssl cipher default medium
ssl cipher tlsv1 medium
ssl cipher tlsv1.1 medium
ssl cipher tlsv1.2 medium
ssl cipher dtlsv1 medium
ssl dh-group group2
ssl ecdh-group group19
ssl certificate-authentication fca-timeout 2

 

Does anyone has an Idea?

 

0 Helpful
6 Replies 6

ciscocase
Level 1
Level 1

‎10-25-2018 06:32 AM

Tested to connect using browser, did also not work. https://172.16.1.46
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to ciscocase

‎10-25-2018 01:59 PM

check the below KB :

 

https://www.petenetlive.com/KB/Article/0000915

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

ciscocase
Level 1
Level 1
In response to balaji.bandi

‎10-25-2018 11:38 PM

Hello,
found that article also by my self, but it did not help. Tried different ciphers but it wont work.

But Thx.
0 Helpful

ciscocase
Level 1
Level 1
In response to ciscocase

‎10-26-2018 03:02 AM - edited ‎10-26-2018 05:05 AM

So, i put the customers config in one of mine ASA's and ASDM worked. I switched the ASA's, so I could run tests, with my customers ASA and my custome used my ASA instead. I copied the running-config to flash:/saved_config. Made a write erase. Followed the assistant, and made Management Interface accessible. ASDM worked fine. I copied my saved config from flash to running_config. Checked and ASDM was also working fine. I made a write mem, and did a reload. Now ASDM is again not working anymore.

What does the reload do to the config, so ASDM will not wont work after that?

 

Edit: Ran a few new test:

 

First test:  I made a wr erase and after reboot, I copied the config line by line in the ASA -> ASDM not working

 

Second test: After wr erase, i used the assistent to get ASDM Access -> worked. Reload -> still working!

Copied old config line by line to the asa -> ASDM worked. Wr mem and reload -> ASDM not working anymore. I do not understand it.

0 Helpful

ciscocase
Level 1
Level 1
In response to ciscocase

‎10-26-2018 06:54 AM

Made a nother wr erase and put a configfile from 10 days ago in . ASDM workes, added some of the changes I did the last days, rebooted and it is still working. Rebooted some times, problem seems to be gone.
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to ciscocase

‎10-26-2018 09:55 AM

Then  it is time to do some revision control and see what is changed last 10days, make  a note and learn lesson from the past.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card