ASDM 5.21 Bug

Greetings,
When I do changes in the security policies in the PIX using the ASDM, I apply and save. When I move from security policy interface to another one, e.g., NAT, I receive the pop-up message
There are changes to the configuration that have not been applied to the device.
Please apply or discard the changes before proceeding further.
I press apply and the pop-up disappears, then I try to move to the NAT interface and I get it again. It does not allow me to switch from the policy configuration screen unless I press ?disregard changes?
When I press ?disregard changes?, I switch between interfaces, luckily my changes I did are applied.
This is very annoying, and I wonder if this is a bug in the 5.21 ADSM

Try these links:
http://www.cisco.com/en/US/products/ps6121/prod_release_note09186a00806a9755.html
http://www.cisco.com/en/US/products/ps6121/products_user_guide_chapter09186a00806a2f46.html

Similar Messages

  • ASDM 5.0 bug

    Hi,
    I had a problem configuring vpn site to site using asdm 5.0. The remote end point was a CheckPoint Firewall. It
    seems that the asdm gui, for the SA lifitime, save only the  the value of the kilobyte of traffic,but  not the time in seconds. I would like to know if there is an upgrade that solve this bug.

    Hi.
    I'm using asdm 6.3(4) and i don't have the problem there. so test it with the latest version.
    Regards,
    Fadi.

  • Java Error message with Webdeploy

    Hello
    It seems that the current Java version 7.0.45 produces a new error message when connecting to an ASA running 8.4(6) with Anyconnect 3.1.04059 through WebLaunch. The java error (information) states:
    This application will be blocked in a future Java security update because the JAR file manifest does not contain the Permissions attribute. Please contact the Publisher for more information.
    Is this error/issue allready known?
    The installation will continue though, but I still don't like that my users get an error message.
    Thanks
    Patrick

    This appears to have been escalated with Java version 7 Update 51.  Now I can not open any ASDMs to my ASAs.  I get Unable to open device manager on .  Here's the java log from when I connect.  I even have the lastest version of ASDM from the bug above (7.1.5.100).
    Using JRE version 1.7.0_51 Java HotSpot(TM) Client VM
    User home directory = C:\Users\
    c:   clear console window
    f:   finalize objects on finalization queue
    g:   garbage collect
    h:   display this help message
    m:   print memory usage
    q:   hide console
    s:   dump system properties
    OK button clicked
    java.lang.NullPointerException
    at com.sun.deploy.security.DeployManifestChecker.printWarningsIfRequired(Unknown Source)
    at com.sun.deploy.security.TrustDeciderDialog.doShowDialog(Unknown Source)
    at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
    at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
    at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    at sun.security.ssl.Handshaker.process_record(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
    at com.cisco.launcher.s.new(Unknown Source)
    at com.cisco.launcher.s.actionPerformed(Unknown Source)
    at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
    at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
    at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
    at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
    at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
    at java.awt.Component.processMouseEvent(Unknown Source)
    at javax.swing.JComponent.processMouseEvent(Unknown Source)
    at java.awt.Component.processEvent(Unknown Source)
    at java.awt.Container.processEvent(Unknown Source)
    at java.awt.Component.dispatchEventImpl(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Window.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
    at java.awt.EventQueue.access$200(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue.dispatchEvent(Unknown Source)
    at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.run(Unknown Source)
    javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Java couldn't trust Server
    at sun.security.ssl.Alerts.getSSLException(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    at sun.security.ssl.Handshaker.process_record(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
    at com.cisco.launcher.s.new(Unknown Source)
    at com.cisco.launcher.s.actionPerformed(Unknown Source)
    at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
    at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
    at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
    at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
    at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
    at java.awt.Component.processMouseEvent(Unknown Source)
    at javax.swing.JComponent.processMouseEvent(Unknown Source)
    at java.awt.Component.processEvent(Unknown Source)
    at java.awt.Container.processEvent(Unknown Source)
    at java.awt.Component.dispatchEventImpl(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Window.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
    at java.awt.EventQueue.access$200(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue.dispatchEvent(Unknown Source)
    at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.run(Unknown Source)
    Caused by: java.security.cert.CertificateException: Java couldn't trust Server
    at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
    ... 50 more
    java.lang.NullPointerException
    at com.sun.deploy.security.DeployManifestChecker.printWarningsIfRequired(Unknown Source)
    at com.sun.deploy.security.TrustDeciderDialog.doShowDialog(Unknown Source)
    at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
    at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
    at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    at sun.security.ssl.Handshaker.process_record(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
    at com.cisco.launcher.s.new(Unknown Source)
    at com.cisco.launcher.s.actionPerformed(Unknown Source)
    at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
    at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
    at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
    at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
    at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
    at java.awt.Component.processMouseEvent(Unknown Source)
    at javax.swing.JComponent.processMouseEvent(Unknown Source)
    at java.awt.Component.processEvent(Unknown Source)
    at java.awt.Container.processEvent(Unknown Source)
    at java.awt.Component.dispatchEventImpl(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Window.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
    at java.awt.EventQueue.access$200(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue.dispatchEvent(Unknown Source)
    at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.run(Unknown Source)
    javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Java couldn't trust Server
    at sun.security.ssl.Alerts.getSSLException(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    at sun.security.ssl.Handshaker.process_record(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
    at com.cisco.launcher.s.new(Unknown Source)
    at com.cisco.launcher.s.actionPerformed(Unknown Source)
    at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
    at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
    at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
    at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
    at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
    at java.awt.Component.processMouseEvent(Unknown Source)
    at javax.swing.JComponent.processMouseEvent(Unknown Source)
    at java.awt.Component.processEvent(Unknown Source)
    at java.awt.Container.processEvent(Unknown Source)
    at java.awt.Component.dispatchEventImpl(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Window.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
    at java.awt.EventQueue.access$200(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue.dispatchEvent(Unknown Source)
    at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.run(Unknown Source)
    Caused by: java.security.cert.CertificateException: Java couldn't trust Server
    at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
    ... 50 more
    Trying for ASDM Version file; url =
    https://oraappvpn01/admin/
    java.lang.NullPointerException
    at com.sun.deploy.security.DeployManifestChecker.printWarningsIfRequired(Unknown Source)
    at com.sun.deploy.security.TrustDeciderDialog.doShowDialog(Unknown Source)
    at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
    at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
    at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    at sun.security.ssl.Handshaker.process_record(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)
    at com.cisco.launcher.y.a(Unknown Source)
    at com.cisco.launcher.y.if(Unknown Source)
    at com.cisco.launcher.r.a(Unknown Source)
    at com.cisco.launcher.s.do(Unknown Source)
    at com.cisco.launcher.s.null(Unknown Source)
    at com.cisco.launcher.s.new(Unknown Source)
    at com.cisco.launcher.s.access$000(Unknown Source)
    at com.cisco.launcher.s$2.a(Unknown Source)
    at com.cisco.launcher.g$2.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
    javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Java couldn't trust Server
    at sun.security.ssl.Alerts.getSSLException(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    at sun.security.ssl.Handshaker.process_record(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)
    at com.cisco.launcher.y.a(Unknown Source)
    at com.cisco.launcher.y.if(Unknown Source)
    at com.cisco.launcher.r.a(Unknown Source)
    at com.cisco.launcher.s.do(Unknown Source)
    at com.cisco.launcher.s.null(Unknown Source)
    at com.cisco.launcher.s.new(Unknown Source)
    at com.cisco.launcher.s.access$000(Unknown Source)
    at com.cisco.launcher.s$2.a(Unknown Source)
    at com.cisco.launcher.g$2.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
    Caused by: java.security.cert.CertificateException: Java couldn't trust Server
    at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
    ... 21 more
    Trying for IDM. url=https://oraappvpn01/idm/idm.jnlp/
    java.lang.NullPointerException
    at com.sun.deploy.security.DeployManifestChecker.printWarningsIfRequired(Unknown Source)
    at com.sun.deploy.security.TrustDeciderDialog.doShowDialog(Unknown Source)
    at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
    at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
    at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    at sun.security.ssl.Handshaker.process_record(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
    at com.cisco.launcher.w.a(Unknown Source)
    at com.cisco.launcher.s.for(Unknown Source)
    at com.cisco.launcher.s.new(Unknown Source)
    at com.cisco.launcher.s.access$000(Unknown Source)
    at com.cisco.launcher.s$2.a(Unknown Source)
    at com.cisco.launcher.g$2.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
    javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Java couldn't trust Server
    at sun.security.ssl.Alerts.getSSLException(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    at sun.security.ssl.Handshaker.process_record(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
    at com.cisco.launcher.w.a(Unknown Source)
    at com.cisco.launcher.s.for(Unknown Source)
    at com.cisco.launcher.s.new(Unknown Source)
    at com.cisco.launcher.s.access$000(Unknown Source)
    at com.cisco.launcher.s$2.a(Unknown Source)
    at com.cisco.launcher.g$2.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
    Caused by: java.security.cert.CertificateException: Java couldn't trust Server
    at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
    ... 19 more

  • CSCum57517 - ASDM launcher is not working with Java 7u51 - 1

    I am running 1.7.0_51_b13 with ADSM 7.1.5(100) and I still have the issue.   Bug stiill exists in the hotfix.

    I was able to solve the issue by enrolling and authenticating the ASA with an internal CA, configuring internal DNS to point to the common name used in the cert, and using the hostname in ASDM (similar to harold's solution but using internal issued cert rather than external cert).

  • "Lost connection to Firewall" message in ASDM Device Dashboard and Firewall Dashboard

    Question: I see this message for CPU,MEMORY,TRAFFIC,INTERFACE Stats.Any ideas ?Eveything is working except I see this message.
    It has ASA 5540 VER 8.2 and ASDM 6.2
    Thanks

    This is probably bug CSCta49088.
    Did you try to reload the ASA?
    you might need to open a TAC case so they can provide you with an image that fixes it.
    I hope it helps.
    PK

  • Configuration Changes logging issue, ASDM related?

    I've run into an interesting problem.
    ASA: 8.4(2)
    ASDM: 6.4(5)
    When I make a change at the CLI, syslog message ASA-5-111008 is generated and sent to the syslog servers, local buffer, and ASDM.
    When I make a change in ASDM, syslog message ASA-5-111008 is  generated and sent to the local  buffer and ASDM. It is NOT sent to the syslog server.
    Here's my logging config...
    Firewall# sh run logging
    logging enable
    logging timestamp
    logging standby
    logging buffer-size 409600
    logging buffered informational
    logging trap notifications
    logging asdm notifications
    logging host Inside xx.xx.xx.AA 6/1468
    logging host Inside xx.xx.xx.BB 6/1468
    logging flash-minimum-free 10240
    logging flash-maximum-allocation 10240
    logging permit-hostdown
    Surely I'm missing something obvious.  Is this a known bug?
    Thanks!

    Ha, I did upgrade just a few minutes ago, but same result.
    That does look similar, and so does ...
    CSCth14248 ASA not sending all logging messages via TCP logging
    Looks like I'll need to upgrade to 8.4(3) to fix these and see how it goes.
    thanks!

  • Privilege level - ASDM

    Hi,
    I have defined on the RADIUS server a profile with privilege level 0 with the
    "shell:priv-lvl=0" command on the server. The problem is that when
    the user logs into the firewall it is always given privilege level 1 (if SSH)
    or 15 (if ASDM).
    The AAA configuration on the firewall is the following:
    aaa-server RADIUS protocol radius
    aaa-server RADIUS (outside) host x.x.x.x
    retry-interval 1
    key *
    authentication-port 8812
    accounting-port 8813
    aaa authentication http console RADIUS LOCAL
    aaa authentication ssh console RADIUS LOCAL
    aaa authentication enable console RADIUS LOCAL
    Can you tell me what I need to do to authenticate using RADIUS, but assigning
    the correct privilege levels?
    I have been refered to bug ID CSCsh17346, but although i've updated the image to 7.2.2.22 it still does not work.
    Thanks in advance.
    (in attachment is the output of the radius debug).

    Hi Paulo,
    What I think is, you are looking for something like this,
    Limiting User CLI and ASDM Access with Management Authorization:
    http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_80/conf_gd/sysadmin/mgaccess.htm#wp1070306
    Go through what setting with what protocol, will give you what level of access. This might help.
    And what you originally looking for is, might be related to this,
    Configuring Command Authorization
    http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_80/conf_gd/sysadmin/mgaccess.htm#wp1042034
    Go through complete heading, but to be specific interesting part is "Configuring Local Command Authorization"
    Above links worth a read.
    This might help.
    Regards,
    Prem

  • ASDM demo mode in Windows 7?

    I downloaded and installed asdm-demo-631.msi. At the startup prompt, it says Cisco ASDM-IDM Launcher. I click Run in Demo Mode, but it errors out saying "Demo software is not installed. Please install demo software from             http://www.cisco.com/pcgi-bin/tablebuild.pl/asa". This is on Win7 64bit. See attached. Any ideas?

    Hello,
    This is a bug in the ASDM 6.3.1 please use ASDM 6.3.3 for the fix for this issue.
    You can download from
    http://tools.cisco.com/support/downloads/go/ImageList.x?relVer=6.3.3&mdfid=279916878&sftType=Adaptive+Security+Appliance+%28ASA%29+Device+Manager&optPlat=&nodecount=2&edesignator=null&modelName=Cisco+ASA+5520+Adaptive+Security+Appliance&treeMdfId=268438162&treeName=Security&modifmdfid=null&imname=&hybrid=Y&imst=N&lr=Y
    Thanks,
    --Sunil

  • ASDM issues after upgrade to JAVA 8 on Macbook

    Hi all, I have a MacBook running 10.10.2, and just upgraded to Java 8 build 40. Wouldn't you know ASDM has now started to "freeze" after I login to the appliance and ASDM is trying to parse the configuration. This has happened when I hit an ASA 5545 running 9.3.1 code (ASDM 7.3.1) but it does NOT happen when I hit an ASA5520 running older 9.1.5 code (ASDM 7.3.1). Odd. Anyone else seeing this? Sure enough when I drop Java back to 7 build 75, ASDM runs fine again when I login to those appliances.
    Just as a try, I did upgrade ASDM to 7.3.3 and bumped up the heap size per the release notes, but that did nothing to resolve this issue. ASDM still freezes as its trying to parse the configuration (about 2-4 seconds after I login).
    Any help or suggestions would be appreciated.
    Thank you,
    Jeff

    Looks like you are hitting the following bug
    CSCut04399
    ASDM hangs on MAC after upgrade to Java 8
    Workaround:
    none

  • ASDM AAA privileges

    I am trying to set up AAA for managment on my ASA. I have the admin users up and working fine. Now I need to set up access so that my help desk users have the ability to monitor VPN sessions and log them out via the ASDM. I don't want them to be able to get the configuration tab at all and I don't want these users to have access to the CLI at all.
    I created the local user I wanted and set the privilege level to 3 (selected "YES" to the "create predefined admin, read-only, monitor-only" prompt). I then went logged in as this user and the configuration tab was gone like I wanted. I then clicked on "Monitor" and "VPN". I could see the ssessions but the "logout" button was not available. I expected this so I modified the privilege levels for the vpn-sessiondb commands to a privilege level of 3. I tried logging in again but the logout button was still not available.
    Can anyone tell me if this is possible?
    Thanks.

    Hi,
    Not sure what is the ASDM version you are using but you might running into BUG CSCsz83205
    Symptom:
    Users with privilege level below 15 unable to logoff VPN sessions from ASDM.
    Conditions:
    ASA is not configured for 'command authorization'.
    Workaround:
    Use Command Line Interface to logoff VPN sessions.
    I have ASDM 6.3 and I am able to see logout with priv level 3
    Thanks
    Waris Hussain.

  • CLI/ASDM shows much more traffic on FWSM than via SNMP?

    Hi!
    I've noticed a strange behaviour of our FWSM (Release 3.1.3). When starting the ASDM or using CLI (show interface XY stats), both ways show the same amount of traffic. It's the same amount of traffic the 6513 router beyond also measures.
    But when i try to use SNMP on the OIDs ifOutOctets/ifInOctets, i get way too little traffic. Also the packet counter shows way too little packets than i get via CLI or the ASDM frontend.
    Is it a bug of the firmware or does the FSWM count the traffic and packets in a different way?
    Can someone please verify this?
    Thanks!

    Hi,
    Do you see any errors on ASA Eth0/1(to switch)?  Running the similar speed tests with wired and wifi? Client traffic on network is same as well?
    Thx
    MS

  • CSM, ASDM & FWSM versions

    Hi,
    Can anyone explain the interaction between CSM, ADSM & the FWSM I'm trying to work out if there are incompatible combinations with various versions.?
    It is my understanding that the CSM server makes a connection to port 443 on the FWSM so must be communicating with the installed ASDM version. We have a CSM 3.1.1 server & FWSM 3.1(4) installed, is there a specific ASDM version that should be installed on the FWSM when using CSM or can we just upgrade to the latest - the 6.1(x)F ASDM release notes says it is compatable with FWSM 3.1(4).
    One of the reasons I am checking is that we recently had an issue where an ACL entry was not being match correctly and the packets were being discarded by an entry further down the list. Originally the offending entry had the subnet referenced by IP/netmask, we changed the entry in CSM to use an object group for the same subnet and pushed the policy, the ACL then behaved as expected. We then changed the ACL back to IP/netmask in CSM, pushed the policy and it carried on matching correctly.
    During these changes the ACL order was identical and it wasn't anything complicated - the mask was a simple /24 subnet being referenced to allow a well known service port. We even have a test FWSM that is configured identically to the live one and the ACL worked fine on that during testing, the rules were copy & pasted from the test FWSM to the live FWSM in CSM.
    We are upgrading CSM to 3.3.1 next week so hopefully won't see this issue again.
    Regards
    Mel

    Thanks for the response.
    I fully understand the differences between ASDM & CSM and how they should be used. As it is, we only use CSM to configure the FWSM but we log in using CLI for troubleshooting.
    The question was asking how CSM talks to the FWSM using port 443. I presumed that when you upgraded the ASDM image on the FWSM this contained updates to the code that manages the incoming web connections on the FWSM i.e. fixed bugs, added functionality etc as well as updates to the software client that you can download.
    If I connect to my FWSM from my desktop using https://myfirewall/admin/index.html I get a choice of downloading and installing the ASDM GUI or running the ASDM as a java applet. Either way there is some code installed on the FWSM that these connect to i.e. a server process listening on port 443. I presumed that CSM would use the same management connections to the FWSM that the ASDM GUI does, the only difference being that CSM is intelligent enough to connect to multiple security devices at once. Whether you hit 'Submit & Deploy' or 'Apply' in your chosen GUI front end, the changes are pushed as a group of CLI commands in one go.
    Hence the original question about compatible code versions throughout the whole management chain. We have the FWSM software, we have the installed ASDM image on the FWSM module and we have the CSM software itself. All of which can be various versions and will contain capabilities and bugs pertaining to whatever version they are.
    With the ACL issue that we experienced we probably would not have had an issue if we had used just the CLI to input the changes, or if we used just the ASDM GUI, but a combination of all 3 factors may have created the issue with the dodgy ACL. Currently our FWSM web interface states it has 6.1F installed (since we are due to upgrade to CSM 3.3.1 I will leave it be) but if we were staying at CSM3.1.1 I would probably look at reverting the ASDM image to an earlier version on the FWSM, the FWSM image itself will stay at 3.1(4) and hopefully with that combination not see the ACL issue again.
    Hope that is a little clearer of what I am trying to understand.

  • ASDM hit count

    Hi
    for some reason ASDM hit count showing only for some rules not all.
    I'm sure traffic must be hitting the rule, but not reflected on ASDM hitcount and ASA CLI sh access-list command
    It's running on ASA 8.0(4) and ASDM 6.1(3).
    Is this known bug ?

    Hi Rajesh,
    It could be possible that the access-list that there may be an access-list above the one you are checking which also allows to pass the interesting traffic.
    Just to clear out the confusion please try to place the access-list on line 1 and check if the hit counts increase after that or not.

  • Packet captures on CLI, ASDM, or CSM?

    just wondering what the best practice is for performing packet captures...
    ASDM cleans up any ACLs that are built on the packet capture wizard, so I guess this is OK... But when you use the CLI, the ACLs you create stick around, so wouldn't they get cleaned up on the next policy push from CSM?...
    I'm new to CSM...
    Thanks

    Packet tracer bug fixed in ASDM 7.3(1.101). Verified. Works.
    https://tools.cisco.com/bugsearch/bug/CSCuq40844

  • ASDM validating running Configuration

    I have upgrade IOS on ASA 5510 asa721-k8.bin to asa847-k8.bin and ASDM to asdm-741.bin. on my pc I use the last version of java 8. via ASDM I can log in, but when I click on configure it show message.
    please wait while asdm loading current running configure from your device, but it cannot load complete %100 only %87 for long time. do anyone have the solution for this point?

    Hi
    Looks like you are hitting a bug here.
    Downgrading the ASDM to 7.3.3 is a workaround.
    For verification of the bug contact TAC.
    Regards,
    Shrinkhala

Maybe you are looking for

  • Mail does not respond to mouse clicks properly

    This bug in Mail started in Lion, and has continued (or possibly worsened in some instances) in Mountain Lion.  Has anybody heard of a fix? Basically Mail acts like it is freezing, but in fact is not handling mouse clicks properly. 1) If Mail is "beh

  • Mark For Deletion of STO's which purchase order history

    Is there a way, where I can set mark for deletion for a STO which has partial goods issue/receipt { i.e. it has purchase order history } Thanks In Advance!!

  • Why do QTVR interactive images do not function properly or at all?

    QTVR interactive images do not function properly. Check this page out in firefox and then in safari and see the difference..... http://www.edfruinphotography.com/MILLCITY_2.html

  • Can ODI use environment variables?

    Running on Linux/Unix, can ODI use environment variables? For example, export LANGUAGE="en", and anyway in ODI can get variable LANGUAGE?

  • Delete apps in iTunes

    How do I delete apps in iTunes?  I know there is the hide/unhide option; however, I want to permanently delete certain apps in my iTunes and not hide/unhide. Thanks!