09-24-2018 12:30 PM - edited 03-12-2019 06:59 AM
Hello,
I bought an ASA5506-X, and I am not able to access ASDM.
SSL Error: ERR_SSL_VERSION_OR_CIPHER_MISMATCH
I use command
show ssl ciphers all
and show only those two.
DES-CBC-SHA, NULL-SHA
How to add others?
09-24-2018 02:02 PM
You are lacking all the cipher suites. fix this by the command:
"ssl encryption 3des-sha1 aes128-sha1 aes256-sha1"
..without the quote marks of course.
09-24-2018 02:04 PM
It does not work, command is deprecated.
09-24-2018 02:08 PM - edited 09-24-2018 02:09 PM
Wasn't sure which version you were on, but beginning 9.3(2), 'ssl encryption' command was deprecated, try 'ssl cipher' instead.
09-24-2018 02:20 PM
It is in version 9.8. I tried to use the ssl cipher and put a different option from the previous ones it does not support.
09-25-2018 08:23 AM
What is the output of "show run all ssl" ?
09-25-2018 09:52 AM
It most likely wasn't ordered with the (free) 3DES-AES license. (i.e., the ordering SKU ended with K8 instead of K9)
Check via "show activation-key".
If indeed you don't have that license, go to software.cisco.com and get one.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide