The ASA 5505 comes with a default IP of 192.168.1.1. I need 192.168.10.1. I can change it with Telnet, with https Applet and with https Startup Wizard, but then I am locked out until I go back in with Telnet and put it back to 192.168.1.1.
When I Show Run with Telnet I can see that Vlan1 is set to 192.168.10.1, but also that http Server is still set to 192.168.1.1. If this is the problem, how do I set the http server to 192.168.10 as well ?
Well this isn't quite it. I just did a Show Run and found this:
http server enable
http 192.168.10.1 255.255.255.255 inside
http 192.168.1.0 255.255.255.0 inside
I entered these in a screen where I was invited to tell it who could log on, and entered them both so I could get in with either subnet.
When I change the subnet on my network card to 10 and try entering the ASA 5505 with https://192.168.10.1 I am asked for the username and password. Nothing I enter here is accepted. With 192.168.1.1 I get no such challenge. With Telnet I leave the username blank and enter the password I gave it and get in. But that password isn't good enough with 192.168.10.1.
Your default IP is set by changing the inside interface. The http command allows those hosts or ranges to be able to connect to the firewall via ASDM. If you can't get back in, you could change your workstation IP to the 192.x.x.x address that you accidentally changed, and that should allow you to get back into it. You need to make sure that you are on the same subnet as the new address that you change your ASA to, and also make sure that you've allowed that subnet access before you make your address change. If you haven't saved it since you lost connection, you can always reboot and it will be like it was since the last save.
The passwd statement is only going to be used for intial login and telnet. If telnet is configured to allow connections but no authentication method is specified, it will prompt the user for the passwd.
With that said, HTTP(s) access to the ASA is going to want to authenticate to the local database. This means that you need to create a username within the ASA. In global config, type: "username cisco password cisco privilege 15"
Type the newly created credentials into the prompt when trying to access the ASA via HTTP(S).
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...