cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
258
Views
1
Helpful
3
Replies

Not able to access from Outside Networking through ASDM

qautomation
Level 1
Level 1

Hi all,

We purchased the Firepower 2110 loaded with ASA. While sending from factory and there was no base license enabled.

We commissioned the Firewall and while we are trying to access the Firewall from outside Network it throws an error as SSL.

 

3 Replies 3

@qautomation the error indicates a TLS cipher mismatch.

What is configured on the ASA? Run the command show ssl

You can configure secure TLS/SSL protocol, from the CLI enter the command ssl server-version tlsv1.2 dtlsv1.2

Then to use the more secure ciphers, from the CLI enter the commands:

ssl cipher tlsv1.2 high
ssl cipher dtlsv1.2 high

More information here on configuring secure TLS ciphers on the ASA - https://integratingit.wordpress.com/2021/01/27/securing-asa-tls-ciphers/

If you still have a problem please provide your configuration so we can review.

 

Marvin Rhoads
Hall of Fame
Hall of Fame

Did you register  the ASA with a Smart license token yet? You will need to do so and make sure that the "allow export controlled features" tick box is checked in your smart portal when creating the registration token. That will ensure that 3DES-AES licensing is enabled which allows the ASA to activate modern cryptographic protocol support.

Hi,

We hadn't registered the smart license token yet. We would like to understand whether due to this we are not able to access it from Outside Network. As the Firewalls installed in Air-Gapped(On-Perm). During Purchase of the Firewall we have to request for PLR ?

Review Cisco Networking for a $25 gift card