Can not access ASDM on ASA 5510?

rechard_hk · ‎11-10-2009

Dear All,

I had ASA5510 and i want to opent ASA 5510 by ASDM ,

So i can open it but when i click configuration it tell that:

you are authorized to access only home and monitoring Views

How can i have authorized to change something on ASA 5510.

Best Regards,

rechard

Collin Clark · ‎11-11-2009

Rechard,

A username with level 15 privileges needs to be configured. Do you have telnet or SSH access to the device? If so you can create a username similar to the following;

username mmessier password GoRaNgErS privilege 15

Hope it helps you out.

rechard_hk · ‎11-11-2009

Dear collin,

Thank for you advise!!!

i'm not clear about user privilege 15, so what does it mean?

How can i do if i would like to some user can access ASDM (Read-write) and other user can access (Read-only) i mean can View and monitor?

I mean that:

1- username A passowrd A (Full access ASDM)

2- username B password B (View and Monitor only)

which command that i do ?

Best Regards,

Rechard_hk

Collin Clark · ‎11-12-2009

Here's a link how to set it up.

http://www.fir3net.com/Firewalls/PIX-Cisco/pix-asdm-read-only-account.html

There are 16 levels of authorization, 0-15. 15 has the highest privilege level and 0 the least. These are not in the config until you configure different levels. What we do is take the commands that will allow read-only and move them down in privilege level (level 5 in the link). Then we create a username at privilege level 5. They can now use the commands we moved down to their level. Users at a level also have access to commands below them.