Hi! I do not have sourcefire installed. 

The java version I am running is Java 6.  I am unable to upgrade or downgrade my Java version b/c I am accessing the device via a Thin client. 

I have another firewall (running the same version), and I am able to access it via command line AND via the WEBgui without issue.  So I am puzzled as to why my other system hangs. 

can you access the ASA in question via the CLI? is it just the ASDM you are having issues with?  Do you see anything in the logs?  

--

Please remember to select a correct answer and rate helpful posts

Yes, I can access the firewall via the CLI with no issues.  It is just brining up the ASDM that is the issue.  The ASDM launcher  version that is loaded with the firewall that works is 1.5(7). 

The ASDM launcher version that is loaded with the firewall that does NOT Work is 1.6 and it is also trying to use java runtime version 1.6 and it fails.  I am not sure if that version is not compatible. 

What java version are you running on your PC?  ASDM 1.5 is not supported in newer Java versions so you will need to downgrade to 6.  If you are running version 6 then check the following:

show run http

show run asdm

Also make sure there is a self signed certificate that is used by the asa

show crypto ca trustpoint

--

Please remember to select a correct answer and rate helpful posts

I have Java 6 installed.  when I run those commands on the firewall that is not bringing up the WebGUI this is my output:

show run http   output is: http server enable, then I have a list of my servers and the interfaces.  On the firewall that is running the same thing is displayed. 

show run asdm: the output shows the image disk and no asdm history enable.  On the firewall that works the http asdm history is enabled. 

show crypto ca trustpoints: the output shows nothing it is blank.  This is also blank when I run this command on my working firewall. 

could you also issue the following commands:

show cry ca certificate

show run all ssl

--

Please remember to select a correct answer and rate helpful posts

when I run the first command show cry ca certificate: both appliances output is blank. 

the show run all ssl command the settings are the same for both:

ssl server- verison any

ssl client-version any

it also lists all the encryption algorithms on both firewalls and shows the certificate authentication fca timeout 2. 

Try issuing the commands:

no http server enable

http server enable

It looks like the self signed certificate the ASA uses for ASDM is missing.

if that doesn't work then you will need to enable the local CA server on the ASA and create a new self signed certificate.  and then disable the CA server once finished.

--

Please remember to select a correct answer and rate helpful posts

I tried that and it still does not work.  Do you think resetting the appliance is an option? 

I do not beleive that resetting the ASA will solve the issue....but if it is an option, it doesn't hurt to try.

But first try to add the following:

ssl encryption 3des-sha1 aes128-sha1 aes256-sha1 rc4-md5

--

Please remember to select a correct answer and rate helpful posts

I will run that and test the result.   Thank you.

Any luck with the ssl encryption 3des-sha1 aes128-sha1 aes256-sha1 rc4-md5 command?

--

Please remember to select a correct answer and rate helpful posts

Hi,

I ran the command you suggested and the webgui is still not coming up.  It still hangs.  I put the ssl encryption back to the original settings and tried it again and still no luck.