Bugs in ASDM 6.1 and ASA8.0(4)

djberriman · ‎11-05-2008

Just started using ASDM6.1 and ASA8.0(4). Upgraded a 5505 from a previous version.

I appear to have found a couple of bugs.

In ASA8.0(4) to enable ssh as well as generating a key (crypto key generate rsa) it seems you have to enable SSH AAA Access (set to local) for SSH to work otherwise you just get a login failure. Odd thing is you don't have to enable it for any of the other connection types. Not particularly obvious especially as nothing appears to be logged in syslog, you just get an authentication error which is odd as the same username/password works fine in ASDM.

Not sure why it does not default to local and why no errors appear in syslog.

Second problem I encountered was enabling the top 10 feature on the dashboard. When I clicked the enable button it tried the command.

threat-detection statistics host number-of-rate 0

This does not appear to be valid. The correct command appears to be

threat-detection statistics host

Regards

Duncan

hadbou · ‎11-11-2008

To enable scanning threat detection statistics, use the threat-detection statistics command in global configuration mode. To disable scanning threat detection statistics, use the no form of this command."Threat-detection statistics host" is the right command to be used.The security appliance allows SSH connections to the security appliance for management purposes. The security appliance allows a maximum of 5 concurrent SSH connections per context, if available, with a maximum of 100 connections divided between all contexts.

djberriman · ‎11-11-2008

I know that is the correct command the point is that ASDM issues the incorrect command as per my original post.

The issue is not with the number of ssh connections but the fact that the apparent default of local authentication does not work and has to be specifically enabled unlike authentication for other connection methods.

Perhaps I was unclear in my original post.