I am using the Cisco CSM 4.0 on a Windows 2008 64 bits.
It appears to be very sensitive, especially on the Windows configuration...
The thing is that when trying to connect to the Web server (in local or remote), I have the login page but when entering my credentials the server gives me a 403 error: forbidden. Furthermore I cannot use the CSM Client at all...
I've looked into the log files but nothing really special appears in my opinion.
The Apache log file shows the 403 error, but nothing more... (expect for a warning about the certificate CN which doesn't match the hostname, but it matches!!).
I even tried to uninstall the CSM and re-install it: nothing changed...
I don't know exacly how it looks like in 4.0, but in 3.3.1 the problem was that services were not completely running, or that Tomcat service had problems. It takes some time for Tomcat to run properly. As installation guide explained,
Use a browser on the client system to log in to the Security Manager server at:
:1741. If you see an error message that says “Forbidden” or “Internal
Server Error,” the required Tomcat service is not running. Unless you rebooted your server
recently and Tomcat has not had enough time yet to start running, you might have to review
server logs or take other steps to investigate why Tomcat is not running.
all I got to do is to restart main service - Cisco Security manager deamon manager, and wait with patience
Yes I saw in the Cisco Bug ToolKit a bug related to Apache that doesn't start with the appropriate arguments. But I checked the workaround and it appears this is not my problem...
I restarted several times the CSM daemon manager and more several times Tomcat and Apache and nothing really changes... I have a pretty powerfull server and the processes start in a very short time...
Maybe I'll check on the certificate problem... It may bother Apache more than I think...
Ouch you were right! I've waited more than usually after a complete reboot of the server and now it works again!
Honestly this is a very strange behaviour, but ok, now I know it
Hum, I have only a small background on the 3.3 so my opinion about the differences won't be very valuable...
However it seems they made "only" few changes, not on the GUI but I think a lot of bugs have been fixed in 4.0 and that's already an improvement
The 4.0 has also been introduced to support new equipment (e.g. ASA 8.3+) so I think there is no real "gap" between 3.3 and 4.0, expect for the two points I've just mentioned before (fewer bugs and new models support). But that's only my opinion!