Adaptive Security Device Manager Hot Issues from Cisco TAC

Access rule description replication issue, Fixed CSCtn88072

Symptom: description (remark) line for rule is replicated multiple times.
Conditions: using same text on multiple lines of the description (remark) field.
Workaround: don't use same text on multiple lines of the rule description (remark).

ASDM Launcher does not work with JAVA version 7., Fixed CSCts17526

Symptom: ASDM Launcher hangs when JAVA version 7 is used. However, it is still accessible from the browsers. The following exception is seen: "Exception in thread "AWT-EventQueue-0" java.lang.ClassCastException: sun.security.ssl.X509TrustManagerImpl cannot be cast to com.sun.net.ssl.internal.ssl.X509ExtendedTrustManager"
Conditions: Using JAVA version 7.
Workaround: Use JAVA version 6 or access ASDM from the browser.

"TCP timeout" should be modified "Timeout" on ASDM, Open CSCtx79284

Symptom: If user changes TCP Timeout field configuration on ASDM(Configuring -> Firewall -> Service Policy Rules -> Edit Service Policy Rule -> Rule Actions -> Connection Settings), this configuration is applied not only TCP but any protocols. Therefore this "TCP Timeout" may bring misunderstanding, thus "TCP timeout" should be modified "Timeout"
Conditions: NA
Workaround: NA

ASDM: Backup/restore of startup-config breaks hidden passwords and keys, Fixed CSCtf33394

Symptom: When doing a backup and restore of the ASA's startup config via ASDM, keys and passwords that are normally obfuscated by asterisks (*****) are replaced with the literal string "*****" and become invalid after a reload. This includes (but is not limited to) the following ASA features: Failover keys AAA server keys and LDAP passwords VPN pre-shared keys SNMP community strings
Conditions: The startup-config must be both backed up and restored via ASDM, and the ASA must be reloaded.
Workaround: Perform the backup and restore manually via the CLI. Backup: copy startup-config Restore: copy startup-config reload

ASDM Should not Push 'NFS' Port-Objects to FWSM and Earlier ASA/PIX SW, Fixed CSCsz48612
Symptom: When managing a Firewall Service Module (FWSM) with Adaptive Security Device Manager (ASDM), creating an Access Control List (ACL) or object-group involving Network File System (NFS) port TCP/2049 results in an error message. Same problem occurs with Adaptive Security Appliance (ASA) and PIX Firewall software before 8.0(3).
Workaround: Use Command Line Interface (CLI) to configure the relevant ACE or object by referencing port TCP/2049.

Java exception for read-only user priv 5 - Access rules panel hangs, Fixed CSCtx73665
Symptom: Access-rules panel hangs at FWSM ASDM, shows empty
Conditions: FWSM ASDM when LOCAL authorization enabled with privilege 5 read-only user. Java exception can happen.
Workaround: none. restart ASDM

ASDM: DAP Policy name can not be changed once created, Fixed CSCtx69529
Symptom: In ASDM DAP Policy name can not be changed once the policy is created
Conditions: Occurs once the DAP policy is created
Workaround: None as of now

ACL order in ASDM is not matching CLI, Fixed CSCtx46042
Symptom: ACL order in ASDM is not matching order in CLI
Conditions: ASASM and ASDM 6.5.1
Workaround: Use CLI to manage ASASM

DOC : Need to remove CSCtt45459 from Resolved Caveats list, Fixed CSCtx42366
Symptom: There is CSCtt45459 in Resolved Caveats list of Release-Note of ASDM 6.4(x). http://www.cisco.com/en/US/customer/docs/security/asa/asa84/asdm64/release/notes/asdmrn64.html But CSCtt45459 is re-opened and have not fixed yet.
Conditions:
Workaround:

ASDM: Manual nat configuration may conflict with ip local pool, Fixed CSCtx84041
Symptom: Manual nat configuration via ASDM may show conflict with ip local pool configured.
Conditions: This was first identified on ASDM version 6.4.5(206)
Workaround: User CLI to configure the line.

ASDM not sending right command for deleting dhcp server from the list, Fixed CSCtx70202
Symptom: Not able to delete the dhcp server value in case we have multiple dhcp servers defined under the tunnel-group
Conditions: Using ASDM
Workaround: Use CLI

ASDM Unable to Edit Connection Profile Authen/Author Scripts, Fixed CSCtx79097
Symptom: From a VPN Connection Profile I click on the Advanced->Secondary Authentication or Authorization section. I select the script I wish to modify and click Edit. Nothing Happens
Conditions: ASDM VPN Secondary Authentication or Authorization Script
Workaround: Create a new script. Paste in the existing script plus any modifications.
Further Problem Description: If one is reviewing the Java Conole one will see a Java NullPointer Exception traceback java.lang.NullPointerException at bj8.g(bj8.java:152) at bj8.f(bj8.java:78) at bj8.(bj8.java:64) at bja.c(bja.java:447) at bja.a(bja.java:78)

ACL Remarks multiply in configuration, CSCtx45992
Symptom: ACL remarks that are being deleted from ASDM seem to multiply
Conditions: ASASM and ASDM 6.5.1
Workaround: Use command line to manage configuration