
Ask for ASA ?

khoirul.iman
Level 1

Hi all,

I want to set up a Cisco ASA firewall. When I connect my PC to the management int of the ASA (192.168.1.1/24), I set a static IP on my PC (192.168.1.10/24), but my PC couldn't get the IP which I set; the IP on my PC was 169.x.x.x. Then I checked my PC: I tried connecting to another PC (point to point) and I got the static IP which I had set.

Lastly, I used another PC to connect to the ASA management int and that PC had the same problem: it couldn't get the static IP.

Thank you for your help.


Akshay Rastogi
Cisco Employee

Hi,

A factory-default ASA has DHCP already configured, and when you connect to the management interface, your PC should get an IP address automatically.

Your PC would get a DHCP IP in 192.168.1.0/24, where 192.168.1.1/24 is preconfigured on the ASA management interface.

I couldn't get what you mean when you say you got the static IP. As a setting, leave your PC's IP settings on Automatic (select the automatic radio button). Do not configure any static IP.

169.x.x.x is an APIPA IP, which a Windows PC automatically generates when no IP from DHCP or a static one is assigned to the NIC.

Also, you could disable the firewall settings on the PC, or else you might not be able to ping the ASA interface IP.

For more reference, use the link below:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa72/configuration/guide/conf_gd/start.html#wp1053876

This is for 5510. If you have ASA5505 then follow below link:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa72/configuration/guide/conf_gd/start.html#wp1054582

Hope it helps.

Regards,

Akshay Rastogi

Hi,

I had an issue with the flash, so I formatted it and reinstalled another file, and now the Cisco ASA 5520 is working well via the console port. I have installed the ASDM bin file and enabled the HTTP server, but I am still unable to log in via ASDM.

Please find the ASA details.

ciscoasa#  sh version

Cisco Adaptive Security Appliance Software Version 8.4(3)
Device Manager Version 6.4(5)

Compiled on Fri 06-Jan-12 10:24 by builders
System image file is "disk0:/asa843-k8.bin"
Config file at boot was "startup-config"

ciscoasa up 6 hours 30 mins

Hardware:   ASA5520, 2048 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW016 @ 0xfff00000, 2048KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
                             Boot microcode        : CN1000-MC-BOOT-2.00
                             SSL/IKE microcode     : CNLite-MC-SSLm-PLUS-2.03
                             IPSec microcode       : CNlite-MC-IPSECm-MAIN-2.06
                             Number of accelerators: 1

 0: Ext: GigabitEthernet0/0  : address is d48c.b55e.c446, irq 9
 1: Ext: GigabitEthernet0/1  : address is d48c.b55e.c447, irq 9
 2: Ext: GigabitEthernet0/2  : address is d48c.b55e.c448, irq 9
 3: Ext: GigabitEthernet0/3  : address is d48c.b55e.c449, irq 9
 4: Ext: Management0/0       : address is d48c.b55e.c44a, irq 11
 5: Int: Not used            : irq 11
 6: Int: Not used            : irq 5
The Running Activation Key is not valid, using default settings:

Licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      perpetual
Maximum VLANs                     : 150            perpetual
Inside Hosts                      : Unlimited      perpetual
Failover                          : Active/Active  perpetual
VPN-DES                           : Enabled        perpetual
VPN-3DES-AES                      : Disabled       perpetual
Security Contexts                 : 2              perpetual
GTP/GPRS                          : Disabled       perpetual
AnyConnect Premium Peers          : 2              perpetual
AnyConnect Essentials             : Disabled       perpetual
Other VPN Peers                   : 750            perpetual
Total VPN Peers                   : 750            perpetual
Shared License                    : Disabled       perpetual
AnyConnect for Mobile             : Disabled       perpetual
AnyConnect for Cisco VPN Phone    : Disabled       perpetual
Advanced Endpoint Assessment      : Disabled       perpetual
UC Phone Proxy Sessions           : 2              perpetual
Total UC Proxy Sessions           : 2              perpetual
Botnet Traffic Filter             : Disabled       perpetual
Intercompany Media Engine         : Disabled       perpetual

This platform has an ASA 5520 VPN Plus license.

Serial Number: JMX1513L0BV
Running Permanent Activation Key: 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
Configuration register is 0x1
Configuration last modified by enable_15 at 13:21:43.599 UTC Tue Nov 3 2015
ciscoasa#

Please check it.

Hi there,

Please always open a separate thread for new issues.

By the way, you are using an ASDM version that is less compatible with your ASA version. Use the link below. After that there could be Java version issues. Therefore, copy the latest ASDM version, asdm-751-90.bin.

http://www.cisco.com/c/en/us/td/docs/security/asa/compatibility/asamatrx.html#pgfId-121785

Please rate the helpful posts, and mark the answer as correct if it answers your queries.

Regards,

Akshay Rastogi

Hi,

Adding to Akshay's suggestion, please run the command "show run all ssl". It looks like the 3DES-AES license is disabled. Normally you need to enable 3DES and AES encryption in the SSL configuration so that the SSL handshake is successful. Please try to access the device via a web browser and verify whether you are able to access the device via HTTPS.

Thanks

Shivapramod M

Hi

Shivapramod, thanks for your post. I am searching for the old PAK for the Cisco ASA5200; please find the output below.

ciscoasa# sh run all ssl
ssl server-version any
ssl client-version any
ssl encryption des-sha1

Hi,

Use SN: JMX1513L0BV (it is in your 'show version' output) for generating the 3DES license key. It is a free key which you can generate from cisco.com/go/license. Use the link below:

As soon as you activate this key, you will have many options to add for SSL encryption. Add all the available options.

Here are the steps to follow in order to generate the activation-key:

www.cisco.com/go/license  

-   Click on "Product License Registration" Tab on the Right.

-   Click on Get Other Licenses dropdown menu on the Right and select "IPS, Crypto, Other..." link

-   Select "Security Product" from the Product family and Select Cisco ASA "3DES/AES License". 

-   Enter the Serial Number of the ASA. 

-   Next and then Select the “I Agree” check box and Type your “Email Address” and Click Submit. 

-   Activate the License Key on ASA with the "activation-key" command in Configuration Terminal Mode. Do not reload the ASA and check the license once again with 'show activation-key'.

Now add all the encryptions with 'conf t)#ssl encryption ?'

Now add all the encryptions one after the other, separated by spaces, and hit Enter.

Then try.

Regards,

Akshay Rastogi
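
The condition diagnosed in this thread (3DES/AES license disabled, only `des-sha1` offered for SSL) can be checked from the two command outputs; this is an added example, not part of any post and not Cisco tooling. The sample input is constructed and abridged from the outputs posted above, and the list of cipher-name prefixes treated as weak is an assumption.

```python
import re

# Constructed sample input, abridged from the outputs posted in this thread.
SHOW_VERSION = """\
Licensed features for this platform:
Maximum VLANs                     : 150            perpetual
VPN-DES                           : Enabled        perpetual
VPN-3DES-AES                      : Disabled       perpetual
"""
SHOW_RUN_ALL_SSL = """\
ssl server-version any
ssl client-version any
ssl encryption des-sha1
"""
# Assumption: cipher names with these prefixes (single DES, RC4, NULL) are weak.
WEAK_PREFIXES = ("des-", "rc4-", "null-")

def parse_license(text):
    """Return {feature: value} from the 'Licensed features' table."""
    features = {}
    for line in text.splitlines():
        # feature name, colon, value, then a duration column such as 'perpetual'
        m = re.match(r"^(\S[^:]*?)\s*:\s*(\S+)\s+\S+\s*$", line)
        if m:
            features[m.group(1)] = m.group(2)
    return features

def parse_ssl_ciphers(text):
    """Return the cipher names on the 'ssl encryption' line, or []."""
    for line in text.splitlines():
        parts = line.split()
        if parts[:2] == ["ssl", "encryption"]:
            return parts[2:]
    return []

def audit(show_version, show_run_all_ssl):
    """List reasons an HTTPS/ASDM handshake is likely to fail or be weak."""
    findings = []
    ciphers = parse_ssl_ciphers(show_run_all_ssl)
    if parse_license(show_version).get("VPN-3DES-AES") != "Enabled":
        findings.append("license: VPN-3DES-AES not enabled, 3DES/AES unavailable")
    weak = [c for c in ciphers if c.startswith(WEAK_PREFIXES)]
    if ciphers and len(weak) == len(ciphers):
        findings.append("only weak SSL ciphers configured: " + " ".join(weak))
    elif weak:
        findings.append("weak SSL ciphers still enabled: " + " ".join(weak))
    return findings

if __name__ == "__main__":
    for finding in audit(SHOW_VERSION, SHOW_RUN_ALL_SSL):
        print(finding)
```

Run against the outputs captured after the license key is activated, an empty result means the license is enabled and no cipher on the `ssl encryption` line matches the weak prefixes.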

 

Hello Akshay Rastogi,

Thanks a lot for your post. I have fixed my Cisco ASA5520.

Regards,

Naresh Kumar.

Hi Naresh,

Great. You're Welcome. :)

Remember to mark the answer as correct if it answers your queries, or rate the helpful posts.

Regards,

Akshay Rastogi
