02-10-2016 05:31 AM - edited 03-12-2019 12:15 AM
After I bring up the ASDM-IDM Launcher and enter my username and password, it loads the software from cache to 100%. Once the software load is complete, the wristwatch icon shows up and hangs. It will not bring up the WEBgui. I can log in via command line with no issues. I have reloaded the firewall to see if this would fix the issue. It did not. I need help on the next plan of action
02-10-2016 10:48 PM
Do you have sourcefire enabled? I have seen similar issues when the ASDM struggles to contact sourcefire module.
Other than that, have you checked your Java version? try upgrading / downgrading your Java and then test.
--
Please remember to select a correct answer and rate helpful posts
02-11-2016 02:12 AM
Hi! I do not have sourcefire installed.
The java version I am running is Java 6. I am unable to upgrade or downgrade my Java version b/c I am accessing the device via a Thin client.
I have another firewall (running the same version), and I am able to access it via command line AND via the WEBgui without issue. So I am puzzled as to why my other system hangs.
02-11-2016 02:40 AM
can you access the ASA in question via the CLI? is it just the ASDM you are having issues with? Do you see anything in the logs?
--
Please remember to select a correct answer and rate helpful posts
02-23-2016 02:10 AM
Yes, I can access the firewall via the CLI with no issues. It is just brining up the ASDM that is the issue. The ASDM launcher version that is loaded with the firewall that works is 1.5(7).
The ASDM launcher version that is loaded with the firewall that does NOT Work is 1.6 and it is also trying to use java runtime version 1.6 and it fails. I am not sure if that version is not compatible.
02-23-2016 11:14 PM
What java version are you running on your PC? ASDM 1.5 is not supported in newer Java versions so you will need to downgrade to 6. If you are running version 6 then check the following:
show run http
show run asdm
Also make sure there is a self signed certificate that is used by the asa
show crypto ca trustpoint
--
Please remember to select a correct answer and rate helpful posts
02-24-2016 03:00 AM
I have Java 6 installed. when I run those commands on the firewall that is not bringing up the WebGUI this is my output:
show run http output is: http server enable, then I have a list of my servers and the interfaces. On the firewall that is running the same thing is displayed.
show run asdm: the output shows the image disk and no asdm history enable. On the firewall that works the http asdm history is enabled.
show crypto ca trustpoints: the output shows nothing it is blank. This is also blank when I run this command on my working firewall.
02-24-2016 04:00 AM
could you also issue the following commands:
show cry ca certificate
show run all ssl
--
Please remember to select a correct answer and rate helpful posts
02-25-2016 02:39 AM
when I run the first command show cry ca certificate: both appliances output is blank.
the show run all ssl command the settings are the same for both:
ssl server- verison any
ssl client-version any
it also lists all the encryption algorithms on both firewalls and shows the certificate authentication fca timeout 2.
02-25-2016 03:22 AM
Try issuing the commands:
no http server enable
http server enable
It looks like the self signed certificate the ASA uses for ASDM is missing.
if that doesn't work then you will need to enable the local CA server on the ASA and create a new self signed certificate. and then disable the CA server once finished.
--
Please remember to select a correct answer and rate helpful posts
03-02-2016 11:36 AM
I tried that and it still does not work. Do you think resetting the appliance is an option?
03-02-2016 03:38 PM
I do not beleive that resetting the ASA will solve the issue....but if it is an option, it doesn't hurt to try.
But first try to add the following:
ssl encryption 3des-sha1 aes128-sha1 aes256-sha1 rc4-md5
--
Please remember to select a correct answer and rate helpful posts
03-03-2016 05:58 AM
I will run that and test the result. Thank you.
03-04-2016 03:37 PM
Any luck with the ssl encryption 3des-sha1 aes128-sha1 aes256-sha1 rc4-md5 command?
--
Please remember to select a correct answer and rate helpful posts
03-09-2016 03:52 AM
Hi,
I ran the command you suggested and the webgui is still not coming up. It still hangs. I put the ssl encryption back to the original settings and tried it again and still no luck.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide