Guest

Preview Tool

Cisco Bug: CSCvv08128 - ASDM does not work on master node in cluster but work on slave

Last Modified

Oct 05, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.14(1.10)

Description (partial)

Symptom:
ASDM does not work on master node and while troubleshooting we found that SSL handshake is completed with ASA and afterwards it is terminated, very similar to BUG CSCva36446. Here are the logs::--

%ASA-6-725002: Device completed SSL handshake with client management: X.X.X.X/49535 to Y.Y.Y.Y/443 for TLSv1.2 session
%ASA-6-725007: SSL session with client management:X.X.X.X/49535 to Y.Y.Y.Y/443 terminated

Symptoms of BUG CSCvr15503 are also observed, however, SSH does not present issues as described there. Here are the logs::--

ciscoasa/<context>/master# debug menu npshim -w
90d3a06   CLOSE_WAIT      2        443     4062  Y.Y.Y.Y                                Z.Z.Z.Z
947a6ea   CLOSE_WAIT      2        443     4140  Y.Y.Y.Y                                 Z.Z.Z.Z
 
++Unicorn Admin Handler process stuck on ASA (show processes | i Uni)

++Encrypted alerts are generated on client side.

Conditions:
Cluster environment
ASDM configured on all of the cluster units
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.