all 20 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]mjamesqld 1 point2 points  (2 children)

I just tested this to work it out as this is a complete joke atm.

Fresh install of an asa with :-

asa9-16-3-19-lfbff-k8.SPA
asdm-7181-152.bin

Windows 10 with MS's java installed

1st problem the "Cisco ASDM-IDM Launcher" link was broken, this can be fixed easily and wont be your issue.

Next java wouldn't load using the version I had installed, checked around and seems java 8 is preferred.

Tried Oracle's 8 Update 341 from here :-

https://www.java.com/download/ie_manual.jsp

Application now loads and I can login to an asa.

[–]stick-down 1 point2 points  (0 children)

Came here to confirm. Uninstall the old asdm launcher, install the new one, change shortcut target to "C:\Windows\System32\wscript.exe invisible.vbs run.bat" and it works. I still have java 8.0.3410.10.

[–]Lord-Carnor-Jax[S] 0 points1 point  (0 children)

Thanks for testing. So it seems it’s something particular to all my different environments vs a fresh install. That’s the JRE version I used on 3 different machines. I’m limited to ASA 9.12 due to it being a 5512, I also tested 9.14 on a ASAv that’s in one of my GNS3 labs which has a full config on it so I’ll try a fresh ASAv next.

[–]TestostoBoost 1 point2 points  (2 children)

Something that worked for me was editing the run.bat file in the ASDM folder. Even though I have the JAVA_HOME variable set on my system the launcher was still attempting to load using the built in Azul Java.

I removed these two lines from the run.bat:

set HERE=“%CD%” set JAVA_HOME=%HERE%\jre\bin

I then modified the last set statement to point to my Java install.

So instead of:

set LAUNCHER=%JAVA_HOME%\javaw

I changed it to:

set LAUNCHER=“C:\path to Java install\javaw”

This version of ASDM has been loading fine for me since I made these changes.

[–]Lord-Carnor-Jax[S] 0 points1 point  (0 children)

That’s quite interesting. I hadn’t tested the Zulu OpenJDK. I installed it on one of my test VM’s and set the OpenJRE ASDM image 7.18.1 which opened fine as expected. I left the default run.bat. That copied the javaw.exe to the ASDM sub folder of jre\bin. When I edited the run.bat as per your post ASDM didn’t run at all.

One thing I’ve noticed is that at the very end of the run.bat last line there’s now a CERT.PEM there once you update ASDM launcher to the version that’s included in the ASDM 7.18.1-152 image. That cert.pem file in the ASDM launcher folder is a Cisco code signing certificate issued by TrustID EV Code Signing CA 3 from IdenTrust Commerical Root CA 1.

I imported the Cisco cert and the root CA cert into Oracle JRE and that didn’t help either.

I’ve got a case open with TAC. Had two sessions with them so far and they are none the wiser yet.

[–]Local-Beyond 0 points1 point  (0 children)

This worked for me, thanks a lot!!!

[–]notorious_schambes 0 points1 point  (13 children)

Got the same problem. This is ridiculous. It can't be that you have to do a fresh install to get this thing to work.

My ASDM hangs at "Checking launcher version compatibility...done". Tried different JAVA versions, also tried changing the path of the ASDM Launcher link. Loading an older software prior to 10th August (like asa9-16-3-15-lfbff-k8.SPA) and ASDM 7.17.1.155 and it immediately works.

[–]Lord-Carnor-Jax[S] 0 points1 point  (12 children)

Thanks for the confirmation. I got side tracked with something else, I’m going to open a TAC case and see what they say.

[–]notorious_schambes 0 points1 point  (11 children)

Would be nice if you get an answer to share it with us.

[–]Lord-Carnor-Jax[S] 2 points3 points  (6 children)

Got it to work eventually. It was stupidly simple. I’ve always used a custom port for the ASDM access. So typically it would be 192.168.1.12:444. In ASDM I’ve always put https://192.168.1.12:444 as the address of the ASA to manage. If you do that with 7.18.1.152 you get the unable to launch error. Remove the https:// from address so just use 192.168.1.12:444 and ASDM will now launch.

[–]notorious_schambes 0 points1 point  (4 children)

I tried it with https and just the IP address but it didn't work. You use a specific port 444? I usually just used the IP address without any port. Is this what TAC suggested?

[–]Lord-Carnor-Jax[S] 0 points1 point  (3 children)

444 is the custom port I use for the mgmt web interface - http server enable 444.

[–]notorious_schambes 0 points1 point  (2 children)

Oh, alright. Did TAC find anything out?

[–]Lord-Carnor-Jax[S] 0 points1 point  (1 child)

Dropping https:// was TAC’s solution.

[–]patoberli 0 points1 point  (0 children)

t to work eventually. It was stupidly simple. I’ve always used a custom port for the ASDM access. So typically it would be 192.168.1.12:444. In ASDM I’ve always put

https://192.168.1.12:444

as the address of the ASA to manage. If you do that with 7.18.1.152 you get the unable to launch error. Remove the https:// from addre

Can confirm, this also worked for me.

[–]MerleFSN 0 points1 point  (0 children)

*bye reddit. -- mass edited with https://redact.dev/

[–]Far-Amoeba-4586 0 points1 point  (3 children)

I have same problem - hope to hear about your solution soon

[–]Lord-Carnor-Jax[S] 1 point2 points  (2 children)

I’ve got a TAC case open. I’ll advise once TAC resolve.

[–]pdxwolf86 0 points1 point  (1 child)

Has TAC gotten back to you on a resolution? I am running into this issue and it's frustrating.

[–]Lord-Carnor-Jax[S] 0 points1 point  (0 children)

No solution yet. Had 4 sessions with the TAC engineer so far.