Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
318
Views
0
Helpful
3
Replies

Unable to run older ASDM

jonathanleslie
Level 1
Level 1

ā€Ž03-16-2016 09:36 AM - edited ā€Ž03-12-2019 12:30 AM

I have a customer using an ASA 5505 who we do very little work for so very often when they ask us to do some work it's something we've not touched before as in this case. I'm trying to setup VPN so the users can connect into the office network and I suspect it's not configured to allow and forward PPTP VPN connections to the server where RRAS is running. The server is running Windows server 2012 (not R2).

First I found out the ASA wasn't setup for http access but I managed to get that enabled via Telnet. Once I got that done then I found I couldn't hardly connect or login to the ASA and deduced it was a Java issue. The server was running the latest Java v8. The ASA is ASDM 5.2 which I think is pretty old. I'm used to SonicWalls, not ASAs.

I removed Java 8 and finally went all the way back to 1.4.2 which of course isn't secure but at least now I can connect and login. However when I try to run the ASDM Applet it gets up to 100% and says "Not able to load Application, Exception in Startin...". I've tried to install the ASDM Launcher and use that but when I run it after installation I get a tiny window that is only big enough to display the minimize, maximize, and close buttons and it can't be increased by dragging a corner or clicking maximize as the maximize button is grayed out.

This is all done using IE11 with and without compatibility mode. I can't get Firefox or Chrome to connect to the router at all to even login to it. Firefox says Java isn't enabled and I can't see how to do that and Chrome won't connect as it says there is no common SSL protocol or cipher suite, likely due to the age of the ASA.

I can't say how reluctant I am to try to upgrade ASDM on this ASA as I have no idea what all has been done with it before or if it will break. At least now it works. And since this customer seems very reluctant to ask for work to be done I'm not sure they would want to take the risk either.

So short of updating ADSM beyond the 5.2 it is now, is there anything I can do to actually get into the routers interface and do the work I'm trying to do of setting up forwarding of port 1723 to the server for the VPN?

Jonathan

Labels:
0 Helpful
3 Replies 3

Dan Lukes
VIP Alumni
VIP Alumni

ā€Ž03-16-2016 09:51 AM

Feedback forum is dedicated to other topics. See forum description for details.

Moved to Firewalling

0 Helpful

jonathanleslie
Level 1
Level 1
In response to Dan Lukes

ā€Ž03-16-2016 11:43 AM

Dan,

Sorry about posting in the wrong forum. I forgot to check what forum I was in before posting. Thanks for moving my thread to the correct forum.

0 Helpful

Aditya Ganjoo
Cisco Employee
Cisco Employee

ā€Ž03-16-2016 10:15 AM

Hi Jonathan,

May I know what is the ASA version running on the ASA ?

Also to port forward 1723 for PPTP you can use this sample config:

Assuming your PPTP server is connected to the inside interface.

object network VPN-TCP

host 10.1.1.1

nat (inside,outside) static interface service tcp pptp pptp

object-group protocol DM_INLINE_PROTOCOL_1

protocol-object gre

access-list outside extended permit gre any host 10.1.1.1

access-list outside extended permit tcp any object VPN-TCP eq pptp

policy-map global_policy

class inspection_default

inspect pptp

Regards,

Aditya

Please rate helpful posts.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card