Is there a way to secure the access for ASDM after a user logs in?
ssh to public address prompts username and then a password for the enable
http doesn't. You can log into the ASDM with the local username and apply any change you want without using any other authentication. I'm assuming that the ASDM uses elevated authentication? Is there a way around this?
You need to use command authorization using tacacs or you can also setup local user with different access rights.
Do rate helpful posts