Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
654
Views
0
Helpful
1
Replies

Several issues with ASDM 6.4(9) and ASA 8.4(4)1

joan.ballaud
Level 1
Level 1

‎10-29-2012 10:39 AM - edited ‎03-11-2019 05:15 PM

Hello everyone,

Here are some issues I noticed regarding the backup and restore using ASDM on ASA with my versions:

  • the data.xml file containing the CSD settings is not backup using the backup/restore feature of ASDM.
  • Using failover, importing a PCKS12 certificate file into the ASA using ASDM does not create the private key on the secondary unit.
  • Using failover, importing the AnyConnect profile file (instead of generating it from the template file in ASDM) does not replicate it on the secondary unit.
  • I cannot find the AnyConnect Customization/Localization files in my backup file generated through ASDM.

Should I open 4 cases to Cisco TAC, or did I miss something ?

Labels:
0 Helpful
1 Reply 1

Julio Carvajal
VIP Alumni
VIP Alumni

‎10-29-2012 10:49 AM

Hello Joan,

Using failover, importing a PCKS12 certificate file into the ASA using ASDM does not create the private key on the secondary unit:

     Is this a third party certificate? If yes you need to import it manually to the secondary box

Using failover, importing the AnyConnect profile file (instead of generating it from the template file in ASDM) does not replicate it on the secondary unit.

     Anyconnect Profiles do not replicate to the secondary unit, You need to do it manually.

CSCsr31403 Bug

When configuring the ASA in a failover pair you must manually copy the AnyConnect and CSD images to both the Primary and Secondary ASA devices. You must also do the same for the Anyconnect profile file if it is being used.

Either force the standby ASA to become active and copy the files to the new active ASA using ASDM or copy the files directly from the standby ASA console using tftp or ftp.

Hope I could help,

Julio

Remember to rate all of the helpful posts, If you need any assistance on how to rate a post just let me know

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card