Just started using ASDM6.1 and ASA8.0(4). Upgraded a 5505 from a previous version.
I appear to have found a couple of bugs.
In ASA8.0(4) to enable ssh as well as generating a key (crypto key generate rsa) it seems you have to enable SSH AAA Access (set to local) for SSH to work otherwise you just get a login failure. Odd thing is you don't have to enable it for any of the other connection types. Not particularly obvious especially as nothing appears to be logged in syslog, you just get an authentication error which is odd as the same username/password works fine in ASDM.
Not sure why it does not default to local and why no errors appear in syslog.
Second problem I encountered was enabling the top 10 feature on the dashboard. When I clicked the enable button it tried the command.
threat-detection statistics host number-of-rate 0
This does not appear to be valid. The correct command appears to be
To enable scanning threat detection statistics, use the threat-detection statistics command in global configuration mode. To disable scanning threat detection statistics, use the no form of this command."Threat-detection statistics host" is the right command to be used.The security appliance allows SSH connections to the security appliance for management purposes. The security appliance allows a maximum of 5 concurrent SSH connections per context, if available, with a maximum of 100 connections divided between all contexts.
I know that is the correct command the point is that ASDM issues the incorrect command as per my original post.
The issue is not with the number of ssh connections but the fact that the apparent default of local authentication does not work and has to be specifically enabled unlike authentication for other connection methods.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :