we installed the new ASA 5505 recently. As it was our first installation, we did everything step by step and customized the settings while firewall was already connected to the real nettwork.
I would like to ask about the default user name and password for the firewall. Because we were using the firewall with these default settings for certain time, did we jeopartize our network to risk of attack?
a) Is it possible for a user from the outside (Internet) to access these default values (name/password)? According manual, the conenction is possible only from the inside of the network.
b) What other default values we should change to be on the safe side?
2/ My second question would be about the reseller. We plan to purchase the second firewall. doe anybody can recommend a relaeble resseler from the vancouver area (BC, Canada). The first firewall was purchased from the USA, but than we get the bill for the custom clearence, and it was just too much. So we would like to find a local reseller.
Thanks for help,
the enable_15 user appears when you don't set the authentication method for the ASDM and therefore you can login with the enable password and a blank username.
Please try to do the following, set the ASDM authetication with the LCAL database but please remember the privilege 15 when you create a user:
username password privilege 15
aaa authentication http console LOCAL
The user enable 15 will be disabled