Solved: On my PC, I add in the JCE

Deepak Chauhan · ‎02-21-2017

Hi All,

Unable to access ASA via ASDM. Seems because of some Java Issue, unable to access. Do anyone confirm it and suggest resolution. Java 7.0.450.18 is installed on my laptop.

Marvin Rhoads · ‎02-22-2017

On my PC, I add in the JCE for strong crypto support on Java. That allows me to access ASAs that I have locked down to allow on strong cryptographic algorithms.

See this thread:

https://supportforums.cisco.com/discussion/12729756/asdm-aes-256-not-supported#comment-11388121

View solution in original post

Deepak Chauhan · ‎02-21-2017

ASDM Java Logs:

Using JRE version 1.7.0_45 Java HotSpot(TM) 64-Bit Server VM
User home directory = C:\Users\od695
----------------------------------------------------
c:   clear console window
f:   finalize objects on finalization queue
g:   garbage collect
h:   display this help message
m:   print memory usage
q:   hide console
s:   dump system properties
----------------------------------------------------
OK button clicked
java.net.SocketException: Connection reset
   at java.net.SocketInputStream.read(Unknown Source)
   at java.net.SocketInputStream.read(Unknown Source)
   at sun.security.ssl.InputRecord.readFully(Unknown Source)
   at sun.security.ssl.InputRecord.read(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
   at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
   at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
   at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
   at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
   at com.cisco.launcher.s.new(Unknown Source)
   at com.cisco.launcher.s.actionPerformed(Unknown Source)
   at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
   at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
   at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
   at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
   at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
   at java.awt.Component.processMouseEvent(Unknown Source)
   at javax.swing.JComponent.processMouseEvent(Unknown Source)
   at java.awt.Component.processEvent(Unknown Source)
   at java.awt.Container.processEvent(Unknown Source)
   at java.awt.Component.dispatchEventImpl(Unknown Source)
   at java.awt.Container.dispatchEventImpl(Unknown Source)
   at java.awt.Component.dispatchEvent(Unknown Source)
   at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
   at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
   at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
   at java.awt.Container.dispatchEventImpl(Unknown Source)
   at java.awt.Window.dispatchEventImpl(Unknown Source)
   at java.awt.Component.dispatchEvent(Unknown Source)
   at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
   at java.awt.EventQueue.access$200(Unknown Source)
   at java.awt.EventQueue$3.run(Unknown Source)
   at java.awt.EventQueue$3.run(Unknown Source)
   at java.security.AccessController.doPrivileged(Native Method)
   at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
   at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
   at java.awt.EventQueue$4.run(Unknown Source)
   at java.awt.EventQueue$4.run(Unknown Source)
   at java.security.AccessController.doPrivileged(Native Method)
   at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
   at java.awt.EventQueue.dispatchEvent(Unknown Source)
   at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
   at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
   at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
   at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
   at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
   at java.awt.EventDispatchThread.run(Unknown Source)
java.net.SocketException: Connection reset
   at java.net.SocketInputStream.read(Unknown Source)
   at java.net.SocketInputStream.read(Unknown Source)
   at sun.security.ssl.InputRecord.readFully(Unknown Source)
   at sun.security.ssl.InputRecord.read(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
   at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
   at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
   at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
   at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
   at com.cisco.launcher.s.new(Unknown Source)
   at com.cisco.launcher.s.actionPerformed(Unknown Source)
   at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
   at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
   at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
   at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
   at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
   at java.awt.Component.processMouseEvent(Unknown Source)
   at javax.swing.JComponent.processMouseEvent(Unknown Source)
   at java.awt.Component.processEvent(Unknown Source)
   at java.awt.Container.processEvent(Unknown Source)
   at java.awt.Component.dispatchEventImpl(Unknown Source)
   at java.awt.Container.dispatchEventImpl(Unknown Source)
   at java.awt.Component.dispatchEvent(Unknown Source)
   at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
   at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
   at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
   at java.awt.Container.dispatchEventImpl(Unknown Source)
   at java.awt.Window.dispatchEventImpl(Unknown Source)
   at java.awt.Component.dispatchEvent(Unknown Source)
   at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
   at java.awt.EventQueue.access$200(Unknown Source)
   at java.awt.EventQueue$3.run(Unknown Source)
   at java.awt.EventQueue$3.run(Unknown Source)
   at java.security.AccessController.doPrivileged(Native Method)
   at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
   at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
   at java.awt.EventQueue$4.run(Unknown Source)
   at java.awt.EventQueue$4.run(Unknown Source)
   at java.security.AccessController.doPrivileged(Native Method)
   at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
   at java.awt.EventQueue.dispatchEvent(Unknown Source)
   at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
   at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
   at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
   at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
   at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
   at java.awt.EventDispatchThread.run(Unknown Source)
Trying for ASDM Version file; url = https://160.95.230.140/admin/
java.net.SocketException: Connection reset
   at java.net.SocketInputStream.read(Unknown Source)
   at java.net.SocketInputStream.read(Unknown Source)
   at sun.security.ssl.InputRecord.readFully(Unknown Source)
   at sun.security.ssl.InputRecord.read(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
   at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
   at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
   at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)
   at com.cisco.launcher.y.a(Unknown Source)
   at com.cisco.launcher.y.if(Unknown Source)
   at com.cisco.launcher.r.a(Unknown Source)
   at com.cisco.launcher.s.do(Unknown Source)
   at com.cisco.launcher.s.null(Unknown Source)
   at com.cisco.launcher.s.new(Unknown Source)
   at com.cisco.launcher.s.access$000(Unknown Source)
   at com.cisco.launcher.s$2.a(Unknown Source)
   at com.cisco.launcher.g$2.run(Unknown Source)
   at java.lang.Thread.run(Unknown Source)
Trying for IDM. url=https://160.95.230.140/idm/idm.jnlp/
java.net.SocketException: Connection reset
   at java.net.SocketInputStream.read(Unknown Source)
   at java.net.SocketInputStream.read(Unknown Source)
   at sun.security.ssl.InputRecord.readFully(Unknown Source)
   at sun.security.ssl.InputRecord.read(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
   at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
   at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
   at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
   at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
   at com.cisco.launcher.w.a(Unknown Source)
   at com.cisco.launcher.s.for(Unknown Source)
   at com.cisco.launcher.s.new(Unknown Source)
   at com.cisco.launcher.s.access$000(Unknown Source)
   at com.cisco.launcher.s$2.a(Unknown Source)
   at com.cisco.launcher.g$2.run(Unknown Source)
   at java.lang.Thread.run(Unknown Source)

Deepak Chauhan · ‎02-21-2017

ASA Details:

ASA5525

Cisco Adaptive Security Appliance Software Version 9.5(3)
Device Manager Version 7.6(2)150

Marvin Rhoads · ‎02-21-2017

Are you able to upgrade to a current Java release (i.e 1.8.0.121-b13 or later) and try again?

Deepak Chauhan · ‎02-22-2017

Hmm... rather than Java upgrade... I change the ASDM version to 7.6.2 ( on which my other firewalls are accessible) but still issue is same. I have use this firewall & other 3 for anyconnect VPN. All anyconnect VPN firewalls are facing this.

Deepak Chauhan · ‎02-22-2017

it worked after change ssl version to tlsv1 ( to accept SSLv2 ClientHellos and negotiate TLSv1 (or greater). Is connection with asdm still works on tlsv1? Isn't it outdated? Any suggestion Marvin?

Marvin Rhoads · ‎02-22-2017

On my PC, I add in the JCE for strong crypto support on Java. That allows me to access ASAs that I have locked down to allow on strong cryptographic algorithms.

See this thread:

https://supportforums.cisco.com/discussion/12729756/asdm-aes-256-not-supported#comment-11388121

Zack452 · ‎09-29-2017

check if ssl cipher tlsv1.2 setup on medium not hight

the command is ssl cipher tlsv1.2 medium

and it will work

Here is the information in case you need to enable high level algorithms for authentication on the ASA.

Additional info:

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7 Download

http://www.oracle.com/technetwork/java/embedded/embedded-se/downloads/jce-7-download-432124.html