Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
579
Views
0
Helpful
2
Replies

Brand new FP-1010 running ASA code unable to login with ASDM

Go to solution
the-lebowski
Enthusiast
Enthusiast

‎07-18-2023 07:25 PM - edited ‎07-19-2023 05:22 AM

Does anyone have any idea why when I attempt to use ASDM to access a brand new device I am unable to login via ASDM?  Its running the latest image so when I do try to login it asks me to update and if I do update it breaks ASDM for all of my ASA/FPs.  If I don't upgrade it doesn't even let me attempt to login. 

The ASDM launcher on this new box is v1.9(7).  I am currently using v1.9(0) which works fine with a fair amount of ASA/FP running ASA code throughout our environment.  Its just the new box (of which we have a lot) that refuses to let ASDM work with either version of ASDM launcher.  

Looking at 'debug http 255' when I try to login gives TCP-O resets but packet capture shows traffic in both directions.   I tried changing JAVA to use a direct connection vs proxy but that didn't make any difference.  SSH works, HTTPS works and allows you to install the ASDM launcher, the only thing that doesn't work is actually try to use ASDM. 

Encryption-3DES-AES is enabled as well if that matters and tried changing the http port but that didn't work.  

 

 

fw1-1010-va# show run asdm
asdm image disk0:/asdm-7191-95.bin
no asdm history enable

fw1-1010-va# show run http
http server enable
http 192.168.1.0 255.255.255.0 inside
http 192.168.86.0 255.255.255.0 management
http 0.0.0.0 0.0.0.0 management
http 0.0.0.0 0.0.0.0 inside

fw1-1010-va# show run username
username admin password ***** pbkdf2 privilege 15

fw1-1010-va# show run aaa
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
aaa authentication login-history

Cisco Adaptive Security Appliance Software Version 9.18(3)46
...

 

 

 

 

 

 

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
the-lebowski
Enthusiast
Enthusiast
In response to Milos_Jovanovic

‎08-08-2023 06:20 AM

Issue was version of Java running on my computer, it was too old for that version of ASDM.   I needed 8u261 or later and I was running something earlier.  Upgrading it to that exact version allowed me to login via ASDM.  

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Milos_Jovanovic
VIP Alumni
VIP Alumni

‎08-08-2023 05:47 AM

Hi @the-lebowski,

Try issuing "show version" and make sure you have AES (Strong Encryption) license enabled. By default, ASDM will run on HTTPS, which in turn requires Strong Encryption license. I've seen multiple times ASDM doesn't work because of this, although everything else seemed to be ok.

Kind regards,

Milos

0 Helpful

Go to solution
the-lebowski
Enthusiast
Enthusiast
In response to Milos_Jovanovic

‎08-08-2023 06:20 AM

Issue was version of Java running on my computer, it was too old for that version of ASDM.   I needed 8u261 or later and I was running something earlier.  Upgrading it to that exact version allowed me to login via ASDM.  

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents