使用Chrome浏览器访问已正确启用ASDM的设备IP后返回的错误提示信息
在IE和Firefox浏览器下不返回任何提示
Error code: ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error code: ERR_SSL_PROTOCOL_ERROR
使用putty登录SSH服务时提示使用了不安全的Single-DES加密方法
申请加密方法License网址
https://tools.cisco.com/SWIFT/LicensingUI/loadDemoLicensee?FormId=139
输入设备序列号,通过sh run查看
选择接受License信息的联系人信息
等待完成请求
请求成功,提示邮件已经发送至指定的邮箱中。
查看邮件
启用SSH v2协议的错误提示
ciscoasa(config)# ssh version 2
ERROR: SSH version 2 requires a VPN-3DES-AES activation key.
ciscoasa(config)#
使用Putty登录的加密方法提示
查看启用和未启用的加密方式
ciscoasa# sh ssl
Accept connections using SSLv2, SSLv3 or TLSv1 and negotiate to SSLv3 or TLSv1
Start connections using SSLv3 and negotiate to SSLv3 or TLSv1
Enabled cipher order: des-sha1
Disabled ciphers: 3des-sha1 rc4-md5 rc4-sha1 aes128-sha1 aes256-sha1 null-sha1
No SSL trust-points configured
Certificate authentication is not enabled
ciscoasa#
在Cisco官方网站申请
激活许可证
ciscoasa# activation-key d722c45d 906ea02d eca1c1a8 9418a8e8 c20f1bab
Validating activation key. This may take a few minutes…
Both Running and Flash permanent activation key was updated with the requested key.
ciscoasa#
启用可用加密方式
ciscoasa# config t
ciscoasa(config)# ssl encryption 3des-sha1 rc4-md5 rc4-sha1 aes128-sha1 aes256-sha1
ciscoasa(config)# sh ssl
Accept connections using SSLv2, SSLv3 or TLSv1 and negotiate to SSLv3 or TLSv1
Start connections using SSLv3 and negotiate to SSLv3 or TLSv1
Enabled cipher order: 3des-sha1 rc4-md5 rc4-sha1 aes128-sha1 aes256-sha1
Disabled ciphers: des-sha1 null-sha1
No SSL trust-points configured
Certificate authentication is not enabled
ciscoasa(config)#
启用SSH Version 2不再报错
ciscoasa(config)# ssh version 2
ciscoasa(config)#
开启ASDM访问
ciscoasa(config)# aaa authentication http console LOCAL
ciscoasa(config)# http server enable
ciscoasa(config)# http 0 0 outside
ciscoasa(config)# logging enable
ciscoasa(config)# logging asdm informational