Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 11817
  • Last Modified:

Cisco ASA 5505 - Unable to access ASDM

I've got a cisco asa 5505, running ASA version 9.1.3 and ASDM version 7.1.4. I've issued "write erase" reload the device, then issue "config factory-default". I save the config using "wr" and reload again.

I am unable for the life of me to login to the ASDM using a blank username and password.

I've tried to create a user with level 15 privileges, and login that way, but it's not working either.

I found on cisco's website: http://www.cisco.com/en/US/docs/security/asdm/7_1/release/notes/rn71.html

ASDM login issue in 9.1(3) and later—You can no longer log into ASDM with no username and the enable password. You must configure ASDM AAA authentication (Configuration > Device Management > Users/AAA > AAA Access > Authentication and associated username configuration) and/or ASDM certificate authentication (Configuration > Device Management > Management Access > ASDM/HTTPS/Telnet/SSH). Before you upgrade to 9.1(3), be sure to configure one of these authentication methods. (CSCuj50862)

How am I supposed to do that if I can't access the asdm?

Any ideas??
0
Wetjet
Asked:
Wetjet
  • 2
1 Solution
 
Ernie BeekExpertCommented:
After creating the user, did you also add something like:

http server enable
http 192.168.1.0 255.255.255.0 inside
0
 
InteraXCommented:
Once you've done all of the abopve, enter the following on the command line. This will enable user based authentication for all interactive management. The LOCAL refers to the local database which is where users you create on the command line are created.

aaa authentication enable console LOCAL
aaa authentication serial console LOCAL
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
0
 
WetjetAuthor Commented:
I did add the lines:

http server enable
http 192.168.1.0 255.255.255.0 inside


But I hadn't added:

aaa authentication enable console LOCAL
aaa authentication serial console LOCAL
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL


After doing so, I'm able to log in.

Thank you InteraX!
0
 
InteraXCommented:
TBH, the only command you needed to get local user authentication working was

aaa authentication http console LOCAL

The other commands setup local user authentication for ssh, telnet, serial types of access and also will require the user password for moving into enable mode from the command line.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now