Cisco ASA 5506-X, ASDM, cursing!

We sold a few ASA 5506-X. I was trying them out (especially the FirePOWER part), so I unpacked one of them just to play a bit.

One particularity of the 5506 is that you can manage the FirePOWER with ASDM. Only the 5506 can do that – bigger ones need a management appliance even for just one ASA.

By the way, FUCK YOU Cisco website.

However, you may use the cli or the startup wizard to begin. You need to give an IP address to the FirePOWER module – its management port is hardwired to the asa management1/1 and the thing will begin to run.

One thing will probably bother you. It seems to be incompatible with Windows 10 and Java > 1.8.0U51. When using ASDM, you get an error about the fact that it cannot load the configuration from the ASA

Porkaround(s):

  • Use a windows 7/8 machine
  • Use a java 1.8.0U51 max
    • About this, it seems that when starting the ASDM, it loads a module from FirePOWER, and this checks for the windows OS version. If it finds “Windows 10”, loading fails. However, Java 1.8.0U51 reports the OS as “Windows 8” even on 10, so it works
  • Disconnect the m1/1 interface, so the ASDM client won’t connect to it
  • Don’t use the FirePOWER module

Another trick: if you happen to ever update the sfr module, bear in mind that it may need even 60 mins or so to become responsive again. In the meantime it will be reported as unresponsive.