Avatar of eemoon
eemoon
 asked on

How to solve the issue between ASDM and SSL connection with one JAVA in ASA?

HI Expert, it took some time for me to configure SSL vpn connection successfully. The reason is that I changed java version from 6 to 7. However after I changed it to 7, ASDM cannot work under the version 7. If I change back to version6, SSL vpn connection will be down. How to solve the issue ? Thank you
SSL / HTTPSVPNCisco

Avatar of undefined
Last Comment
eemoon

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Akinsd

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
SOLUTION
Craig Beck

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
btan

remember to import the Cisco certificate, see further steps in link
When using some versions of Java, such as Version 7 update 51, the ASDM Launcher requires a trusted certificate. An easy approach to fulfill the certificate requirements is to generate a self-signed identity certificate and to configure the ASA to use it when establishing an SSL connection. After you generate the identity certificate and configure the ASA, you need to register it with the Java Control Panel on your computer.

For the ASA 5506-X, 5508-X, or 5516-X with an ASA FirePOWER module, you can use ASDM for module management. In this case, you must create two identity certificates: one for the ASA and one for the module.
http://www.cisco.com/c/en/us/td/docs/security/asdm/identity-cert/cert-install.html
More on the workarounds in ADSM 7.1(x) release notes - http://www.cisco.com/c/en/us/td/docs/security/asdm/7_1/release/notes/rn71.html#wp516584

also as same machine may be used to manage multiple ASA and the browser cache itself may trigger the issue, so In Java Control Panel's General tab sheet, there is the Temporary Internet Files. Typically removing all temp files will result in better functionality.
eemoon

ASKER
After downgrading to java6 and did some config based on what you said, ASDM begin to work. the client already is installed there. So just clicked it. It can work now. Thank you!
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes