ASA rejects username and password

Unanswered Question
Jan 25th, 2010


We have ASA 5520 which we connect to using ASDM 6.0. We authenticate via an ACS.

Lately we've been having situations where we're able to open the ASDM login page, but when you type your username and password the ASA rejects it.

Same happens when you try to log in using Telnet.

We would usually reload the ASA and then connect to the device using Telnet which now accepts the username and password (after the reload). We then have to reconfigure the http commands (http inside etc) and then log in using asdm and the ASA now accepts the username and password.

Any ideas why this is happening and what we could do to solve it?

Thanks in advance!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Panos Kampanakis Mon, 01/25/2010 - 14:26

Can you check if you lost the aaa server and try to use fallback?

That would explain it only if the user didn't exist in the local db though.


Kureli Sankar Mon, 01/25/2010 - 19:19

Need the following collected at the time of the problem.

sh tech

sh blocks

sh logs (debug level)

Make sure you have configured (sh run aaa) to fall back to LOCAL account if the ACS server is to go down for some reason.

Also, leave serial without aaa authentication and connect via console (sh log) when telnet and asdm rejects the userid to see what might be going on.



This Discussion