EasyManuals Logo

Cisco ASA 5512-X Cli Configuration Guide

Cisco ASA 5512-X
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1014 background imageLoading...
Page #1014 background image
1-20
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Management Access
Configuring AAA for System Administrators
Configuring Authentication for CLI and ASDM Access
To configure management authentication, enter the following command:
Detailed Steps
Configuring Authentication to Access Privileged EXEC Mode (the enable
Command)
You can configure the ASA to authenticate users with a AAA server or the local database when they enter
the enable command. Alternatively, users are automatically authenticated with the local database when
they enter the login command, which also accesses privileged EXEC mode depending on the user level
in the local database.
This section includes the following topics:
Configuring Authentication for the enable Command, page 1-21
Authenticating Users with the login Command, page 1-21
Command Purpose
aaa authentication {telnet | ssh | http |
serial} console {LOCAL |
server_group [LOCAL]}
Example:
hostname(config)# aaa authentication
telnet console LOCAL
Authenticates users for management access. The telnet keyword controls
Telnet access. For the ASASM, this keyword also affects the session from
the switch using the session command. For multiple mode access, see the
Authenticating Sessions from the Switch to the ASA Services Module”
section on page 1-15.
The ssh keyword controls SSH access. The SSH default usernames asa and
pix are no longer supported.
The http keyword controls ASDM access.
The serial keyword controls console port access. For the ASASM, this
keyword affects the virtual console accessed from the switch using the
service-module session command. For multiple mode access, see the
Authenticating Sessions from the Switch to the ASA Services Module”
section on page 1-15.
HTTP management authentication does not support the SDI protocol for a
AAA server group.
If you use a AAA server group for authentication, you can configure the
ASA to use the local database as a fallback method if the AAA server is
unavailable. Specify the server group name followed by LOCAL (LOCAL
is case sensitive). We recommend that you use the same username and
password in the local database as the AAA server, because the ASA prompt
does not give any indication which method is being used.
You can alternatively use the local database as your primary method of
authentication (with no fallback) by entering LOCAL alone.

Table of Contents

Other manuals for Cisco ASA 5512-X

Preview: Quick Start Guide
Quick Start Guide14 pages
Preview: Configuration Guide
Configuration Guide428 pages
Preview: Hardware Installation Guide
Hardware Installation Guide74 pages
Preview: Software Guide
Software Guide37 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5512-X and is the answer not in the manual?

Cisco ASA 5512-X Specifications

General IconGeneral
Firewall Throughput1.2 Gbps
VPN Throughput200 Mbps
Maximum VPN Peers250
Integrated IPSYes
IPS Throughput250 Mbps
RAM4 GB
Power SupplyAC, 100-240V
Security Contexts2 (Standard), 50 (with Security Contexts license)
Interfaces6 x Gigabit Ethernet
Dimensions (H x W x D)1.75 x 17.5 x 14.5 inches
Weight16 lbs

Related product manuals