Running old Cisco ASDM

We currently have an old Cisco ASA 5510 - which is soon going to be replaced by a Netgate pfSense applicance [Update Feb 2021: We switched to pfSense :) ]. But from time to time we need to access the configuration software which doesn't play nice with modern systems. For a while I kept a VM with Ubuntu 12.04 around which seems to hit the sweet spot between too old and too new. But it's very inconvinient to use. So I tried to get it running on my modern XUbuntu system. It took some trial and error, but those are the needed steps:

  1. Install icedtea:
    sudo apt install icedtea-netx
  2. Grab yourself an old version of Oracle Java 1.8 - I'm too coward to host it here because I'm afraid of Oracle's lawyers :/ - but I got mine from here: https://www.adobe.com/support/coldfusion/downloads.html . Just search for "jdk-8u271-linux-x64.tar.gz". If Macromedia doesn't host it anymore, type it into Google.
  3. Untar that file to your home directory:
    tar xvzf jdk-8u271-linux-x64.tar.gz
  4. Run
    itweb-settings

    , go to JVM settings, click "Browse for JVM" and select the folder that was just created
     

  5. Click OK, ignore the warning
  6. Open the file ~/jdk1.8.0_271/jre/lib/security/java.security in an editor (I use vim).
  7. Remove every mentioning of the word MD5, so that for example this:
    jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
          DSA keySize < 1024, include jdk.disabled.namedCurves

    changes to this:

    jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024, \
          DSA keySize < 1024, include jdk.disabled.namedCurves
  8. Download the Webstart application from your appliance (if you haven't already done so)
     
  9. Success! You can now run ASDM with:
    javaws asdm.jnlp

Neuen Kommentar schreiben