Unable to launch Device Manager - ASDM issue

Anim Saxena · ‎04-28-2014

Introduction:
Problem:
Prerequisites:
Solution:
Source Discussion:

Introduction:

This document describes the issue faced by an user with ASDM.

Problem:

User have recently upgraded his spare ASA 5510 router to version 9.1(3) with ASDM image Version 7.1(5)100. The client user is attempting to run the ASDM launcher on is Windows 7 x64 running the latest version of Java (7 update5).

He/She is able to get to the main screen when he/she https to the device. He/She can install the ASDM launcher, but once he/she enter the host-name and Password he/she receive the following error
"Unable to launch Device Manager 192.168.X.XXX"

User have gone through a check list and he/she confirm the following:

3des-sha1 license is enabled
HTTP server is enabled for my clients subnet
ssl encryption is enabled
Tried Firefox and IE10

When he/she attempt to run the ASDM via the browser user get as far as asking for the password and although the initial prompt seems to accept it, another authentication box appears asking for it over and over again in an endless loop.
The box was previously flashed back to factory-default before I then applied the configuration from scratch (based on the config of our live ASA 5510).

Prerequisites:

ASA 5510
IOS V9.1(3)
ASDM image: V 7.1(5)100

Solution:

output of "show run all ssl"

CISCO-ASA-1(config)# show run all ssl
ssl server-version any
ssl client-version any
ssl encryption rc4-md5 rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1
ssl certificate-authentication fca-timeout 2

Please add the following command on the ASA and then test.
aaa authentication http console LOCAL

Along with that , there should be a username and password in ASA's local database. So try to configure following command and then check:
username cisco password cisco

User follows the below mentioned steps and add an exception in Java for the ASDM IP address because he/she have been seeing issues after JAVA 7 update 51. Please follow the below steps and the check if it works for you.

Add a security exception for the ASA in the Java Control Panel, so that you could launch the current ASDM image and upgrade it from within ASDM:

Open Java Control Panel
on Windows: Start > Control Panel > Java Control Panel
on Mac: click on Java icon in System Preferences
Go to the Security tab: In the Exception Site List section at the bottom, click Edit Site List and add the ASA you want to manage with ASDM.

https://>IP address of the ASA

User need to export self-signed certificates from each of his ASAs and then imported them into the "secure site" section in Java console (the "trusted certificates" section did not work). User have seen this previously for another java application as well. This was with ASDM 7.1(5)100 and Java version 7 update 51.

Source Discussion:

Unable to launch Device Manager

vincentsee2000 · ‎05-04-2014

Hi, I am having the same problem as described above.

I have tried the above step and my ASDM can now launch from the Java Web from Firefox, and can manage my asa from the web broswer ASDM. However, my ASDM local application are still receiving the same error msg "Unable to launch Device Manager 192.168.X.XXX", and could not connect to my asa.

Any advise please? The model and version that I am using are as per below:

1) ASA 5512X

2) ASA IOS Platform: 9.1(2)

3) ASDM version : 7.1(3)

4) Java version 32-bit:1.7.0_55, and 1.7.0.05

5) Windows 7 Prof 64bits

Konnekt1911 · ‎05-28-2014

vincent...I had this issue as well. In addition to the well outlined cause above, it could be a many other things that could cause issue. Triple check your config from end to end and you will probably find the issue...if its persists let me know and I'll see what other information I can provide.