Cisco ASA 5525X

So at first I have to say that this device frustrated me. Not a good thing right? I've worked for 2 Cisco gold partners and I won't ever consider myself as sharp as others on this but I'm capable of searching google. This is a cool box though. It has great through put. Honestly it makes the rack look sweet with the physical front plate looking sweet to me.

I started off with this issue.
Cannot communicate securely with peer: no common encryption algorithm(s).

Connecting my console cable to my mac is no easy trick because I only have USB ports.
I have an adapter but there are no drivers. I found a generic kext and now I can use screen.
at terminal I type
screen /dev/tty.PL2303-00002014
I login and at the ASA prompt I type enable

ASA# sh run all ssl
ssl server-version any
ssl client-version any

I see i am missing some items here so I type config t
and then at the terminal prompt

ssl encryption rc4-md5 rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1

about:config in window on firefox

Ok so the new ASA didnt take my old ip addresses for the interfaces because these are Gigabit Ethernet and the old ones were Fast Ethernet.

The new NAT rules (Which are what makes people outside your network see your webpage which is inside your network) are tricky.

It didnt work just to import my config using the wizard. It didnt mesh well. I had to create new access rules and new public servers.

I was unable to get DNS doctoring/Hair Pinning to work. This is where your firewall knows to change the DNS to your local IP address when you call it from the external IP address. So I just added a dns entry for that one server and it works fine .
I did download the latest firmware

Version 8.6.1 Firmware (original release for this device)

Version 9.1.1 Firmware (Current Release)

Latest ASDM

Almost everything else went swimmingly as I ran the wizard to create new access rules. Over a month of up time and no issues.