user on ASA5520

julxu · ‎09-11-2008

Greeting

how can I add a user to use ASDM with readonly access on certain contents?

Any comments will be appreciated

Thanks in advance

robertson.michael · ‎09-12-2008

Hi Julie,

To add a user and give htem read-only access to ASDM, you simply need to create a new user with a privilege level of 5. On the CLI, it will look something like this:

username cisco password cisco123 privilege 5

Here is the config guide for doing this through ASDM as well:

http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/user/guide/aaasetup.html#wp1284477

Also, if the command has already not been enabled, you will need to tell ASDM to authenticate users against the local user database:

aaa authentication http console LOCAL

Hope that helps.

-Mike

julxu · ‎10-12-2008

still have problem.

I have multi-contents, and the read only user can only see on context, not others? how can I make the readonly user to see all the contexts but no configure them?

Thanks

suschoud · ‎09-12-2008

Just make sure you also have :

privilege level 5 mode configure command asdm

command in the config.

Please rate if helps.

Regards,

Sushil

julxu · ‎09-18-2008

Thanks for both replys.

regards "privilege level 5 mode configure command asdm", please advice:

if user0 have privilege 2 (default), and user1 has privilege 5, so user1 should be readonly user, what about user0? does user0 still can use asdm to change configuration on ASA5520?

Please advice

julxu · ‎10-12-2008

still have problem.

I have multi-contents, and the read only user can only see on context, not others? how can I make the readonly user to see all the contexts but no configure them?

Thanks