ASDM was unable to load the firewall's configuration.

rex.ambrosio · ‎07-17-2019

Hello Experts,

Having a bit of a problem trying to use ASDM to manage ASA5525 with FirePOWER installed. Now I now that Cisco Bug ID CSCuw54048 fixed this with a release of SFR 6.1.0 version but I'm still getting the same error when I try to login to ASDM with SFR module running.

We are using the following versions of the software:

ASA: Cisco Adaptive Security Appliance Software Version 9.9(2)40
SFR OS: Firepower Extensible Operating System Version 2.3(1.131)

SFR SW: 6.2.3-4 VDB 290

ASDM: Device Manager Version 7.9(2)152

JAVA: 8u221 64-bit

OS: Windows Server 2016

Has anybody else encountered the same problem? workarounds or solutions you did to solve this kind of issue?

I don't think we can settle using older versions of Java or using a Windows 7 machine to login to ASDM to if anyone has ever solved this, appreciate if you could share it.

Thanks in advance.

Regards,

Rex

johnlloyd_13 · ‎07-19-2019

hi,

are you connecting to ASDM via the MGMT interface?

is HTTP enabled on the ASA? post a show run http output and ensure there's a route/can ping to the PC/NMS IP.

rex.ambrosio · ‎07-22-2019

@johnlloyd_13

We are connecting to ASDM via a dedicated interface. HTTP server is enabled and we can access this firewall ok. ASDM loads fine if we are using Java 8 update 51. But due to security concerns, we can't settle using an older version of Java so I'm wondering if Cisco has come up with fix or any other workaround on this particular case.

IanRobinson71613 · ‎10-22-2019

We have encountered the same issue. Did you ever get this resolved?

For us we have:

ASA: 9.12(2)

ASDM:7.12(2)

Firepower SW: 6.4.0-102

Java 8u231

Server2016

IanRobinson71613 · ‎10-22-2019

I believe I have found the issue that is causing this. ASDM with firepower installed will not work on out Server 2016. It will however work on Windows 10.

For an in depth explanation of the issue that I am seeing:
When I go to Tools -> ASDM Java Console .... on server 2016, I see that something called JxBrowser is crashing. According to the crash logs, it is crashing because Server 2016 is an Unsupported operating system.
According to the ASDM Java Console the JxBrowser is version 4.9.5, which was released in 2015, so not supporting Server 2016 makes sense. My question is, why is ASDM using such an old version of JxBrowser?
Again this only happens after the Firepower Module has been installed, so my guess is ASDM needs JxBrowser for Firepower.

Current work around is to not use Server 2016/2019.

Maybe I am wrong, but this is what I am seeing. Does this make any sense to you @Marvin Rhoads

Marvin Rhoads · ‎10-22-2019

That makes sense to me @IanRobinson71613 .

Cisco acquired Sourcefire in late 2013 and the Firepower service module with ASDM management came out in 2014 if I recall correctly.

They may have updated the JxBrowser component they are using in 2015 but once they got it "working" I doubt they would feel the need to touch the underlying source code unless it had a critical flaw.

Marvin Rhoads · ‎07-22-2019

Is it an option for you to upgrade the Firepower module to a later build (like 6.2.3.14 if not the latest 6.4.0.3)? Perhaps temporarily using an older Java if that's possible.

I know the bugID indicates 6.1.0 (released August 2016) fixed the issue; but I suspect that it may still be broken in your 6.2.3.4 (released August 2018).

Dzanca · ‎03-04-2020

Even with the following versions:

ASDM 7.13

FirePower 6.4.0.8-28

latest Java installed on 2016 server i get the same error message.