Hardware And Software Compatibility; Vpn Specifications - Cisco ASA Series Cli Configuration Manual
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Chapter 1
Introduction to the Cisco ASA
•
•
•
•
•
•
Hardware and Software Compatibility
For a complete list of supported hardware and software, see the Cisco ASA Compatibility:
http://www.cisco.com/en/US/docs/security/asa/compatibility/asamatrx.html
VPN Specifications
See Supported VPN Platforms, Cisco ASA 5500 Series:
http://www.cisco.com/en/US/docs/security/asa/compatibility/asa-vpn-compatibility.html
If available, use an already downloaded ASDM launcher or Java web start application. The
launcher works with Java 6 and weak encryption, even if the browsers do not.
For Windows Internet Explorer, you can enable DES as a workaround. See
http://support.microsoft.com/kb/929708
For Firefox on any operating system, you can enable the security.ssl3.dhe_dss_des_sha setting
as a workaround. See
configuration preferences.
When the ASA uses a self-signed certificate or an untrusted certificate, Firefox 4 and later and Safari
are unable to add security exceptions when browsing using HTTPS over IPv6. See:
https://bugzilla.mozilla.org/show_bug.cgi?id=633001. This caveat affects all SSL connections
originating from Firefox or Safari to the ASA (including ASDM connections). To avoid this caveat,
configure a proper certificate for the ASA that is issued by a trusted certificate authority.
If you change the SSL encryption on the ASA to exclude both RC4-MD5 and RC4-SHA1 algorithms
(these algorithms are enabled by default), then Chrome cannot launch ASDM due to the Chrome
"SSL false start" feature. We suggest re-enabling one of these algorithms (see the Configuration >
Device Management > Advanced > SSL Settings pane); or you can disable SSL false start in Chrome
using the --disable-ssl-false-start flag according to
http://www.chromium.org/developers/how-tos/run-chromium-with-flags.
For Internet Explorer 9.0 for servers, the "Do not save encrypted pages to disk" option is enabled
by default (See Tools > Internet Options > Advanced). This option causes the initial ASDM
download to fail. Be sure to disable this option to allow ASDM to download.
On MacOS, you may be prompted to install Java the first time you run ASDM; follow the prompts
as necessary. ASDM will launch after the installation completes.
On MacOS, you may see the following error message when opening the ASDM Launcher:
Cannot launch Cisco ASDM-IDM. No compatible version of Java 1.5+ is available.
In this case, Java 7 is the currently-preferred Java version; you need to set Java 6 as the preferred
Java version: Open the Java Preferences application (under Applications > Utilities), select the
preferred Java version, and drag it up to be the first line in the table.
On MacOS 10.8 and later, you need to allow applications that are not signed with an Apple
Developer ID. If you do not change your security preferences, you see an error screen.
a.
To change the security setting, open System Preferences, and click Security & Privacy.
b.
On the General tab, under Allow applications downloaded from, click Anywhere.
for details.
http://kb.mozillazine.org/About:config
Cisco ASA Series CLI Configuration Guide
Hardware and Software Compatibility
to learn how to change hidden
1-3
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
