It responds with :

XXX algorithms require a VPN-3DES-AES activation key.

I've tried like.. 8 of the ones it says my client is proposing.

I shouldn't need a special license to get ASDM working out of the box..

Hmm, do you have a 3DES license on your ASA, or DES? "sh ver" should show you that.

If you have DES it will not do the algorithms for SSL encryption etc.

PL

"This platform has a base license"

So this means that I can't even run ASDM with a base license?

Hi,

It is better you get a 3DES license for your ASA.

Otherwise, one way to get it working would be to change the cipher suites being sent by the client's browser. I am not really sure of how to do that but i am pretty sure google will give you good results.

Let me now how it goes!

Cheers,

Prapanch

Hi,

You tried with different browsers and ssl settings?

Regards.

Great Answer Panagioti, it worked for me.. the answer was in front of our eyes!

%ASA-6-725001: Starting SSL handshake with client inside:xx.xx.xx.xx/59308 for TLS session.
%ASA-7-725010: Device supports the following 3 cipher(s).
%ASA-7-725011: Cipher[1] : AES256-SHA
%ASA-7-725011: Cipher[2] : DHE-RSA-AES128-SHA
%ASA-7-725011: Cipher[3] : DHE-RSA-AES256-SHA
%ASA-7-725008: SSL client inside:10.10.8.25/59308 proposes the following 2 cipher(s).
%ASA-7-725011: Cipher[1] : AES128-SHA
%ASA-7-725011: Cipher[2] : DES-CBC3-SHA
%ASA-7-725014: SSL lib error. Function: SSL3_GET_CLIENT_HELLO Reason: no shared cipher

Thank you for pointing this!

Where is the answer? I dont see any comments from Panagioti

It was helpful, thanks!

I had the same problem which I was fighting with last couple days. I had to format and erase my flash during flash replacement, and ASA lost  activation code and all ciphers. After reading your post I realized what is wrong, restored the activation key and applied ciphers to SSL.

Thanks again!

--

Igor

I have the same issue. It is helpful for me

THIS worked for me:

ssl encryption aes256-sha1

Thank you so much!!!!1