Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

management access on ASA

hi forumers,

some question over ASA appliance management access setting,

(1) now my situation is once i telnet to my ASA device, it only request password. Instead i would like to do it in the way the ASA will ask for local username and password for the authentication  (no AAA server)

is it deal with SSH setting (i didnt set SSH for it, just ASDM/HTTPS and telnet)?

(2) Can ASA do like what cisco router / switches did on these CLI.

  line vty 0 4
  transport input telnet ssh

my concern is it able to let user using putty can either telnet or SSH.

thank you

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Re: management access on ASA

Hello Yhong

Mike here,

In the case you need authentication using a username and password for your Telnet session you can issue the command

aaa authentication telnet console LOCAL

See that the local is in uppercase, that will tell the firewall to use the local database, you can populate this database using the "username" command

The ASA builds an ASP table on which he listens for traffic that comes to him, as if you configure only telnet, he will listen only in telnet, if you configure both, he will be mostlikely accepting both management protocols.

If you have any questions please feel free to ask

Mike

Mike
Cisco Employee

Re: management access on ASA

Hi,

To your first question, enter the command "aaa authentication telnet console LOCAL". It should then ask you for the username/password.

Regarding the 2nd query, the ASAs do not have any lines (vty,console,aux). To configure SSH for the ASA, please refer the below link:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/mgaccess.html#wp1042023

Regards,

Prapanch

2 REPLIES
Cisco Employee

Re: management access on ASA

Hello Yhong

Mike here,

In the case you need authentication using a username and password for your Telnet session you can issue the command

aaa authentication telnet console LOCAL

See that the local is in uppercase, that will tell the firewall to use the local database, you can populate this database using the "username" command

The ASA builds an ASP table on which he listens for traffic that comes to him, as if you configure only telnet, he will listen only in telnet, if you configure both, he will be mostlikely accepting both management protocols.

If you have any questions please feel free to ask

Mike

Mike
Cisco Employee

Re: management access on ASA

Hi,

To your first question, enter the command "aaa authentication telnet console LOCAL". It should then ask you for the username/password.

Regarding the 2nd query, the ASAs do not have any lines (vty,console,aux). To configure SSH for the ASA, please refer the below link:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/mgaccess.html#wp1042023

Regards,

Prapanch

259
Views
0
Helpful
2
Replies
CreatePlease to create content