Solved

Cisco ASA 5505 - Unable to access ASDM

Posted on 2013-12-02
Last Modified: 2013-12-04
I've got a Cisco ASA 5505, running ASA version 9.1.3 and ASDM version 7.1.4. I've issued "write erase", reloaded the device, then issued "config factory-default". I saved the config using "wr" and reloaded again.

I am unable for the life of me to log in to the ASDM using a blank username and password.

I've tried to create a user with level 15 privileges, and log in that way, but it's not working either.

I found on cisco's website: http://www.cisco.com/en/US/docs/security/asdm/7_1/release/notes/rn71.html

ASDM login issue in 9.1(3) and later—You can no longer log into ASDM with no username and the enable password. You must configure ASDM AAA authentication (Configuration > Device Management > Users/AAA > AAA Access > Authentication and associated username configuration) and/or ASDM certificate authentication (Configuration > Device Management > Management Access > ASDM/HTTPS/Telnet/SSH). Before you upgrade to 9.1(3), be sure to configure one of these authentication methods. (CSCuj50862)

How am I supposed to do that if I can't access the ASDM?

Any ideas??
Question by: Wetjet

Expert Comment

by:Ernie Beek
ID: 39692078
After creating the user, did you also add something like:

http server enable
http 192.168.1.0 255.255.255.0 inside

Accepted Solution

by: InteraX
ID: 39692961
Once you've done all of the above, enter the following on the command line. This will enable user-based authentication for all interactive management. The LOCAL refers to the local database, which is where users you create on the command line are created.

aaa authentication enable console LOCAL
aaa authentication serial console LOCAL
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL

Author Comment

by:Wetjet
ID: 39693293
I did add the lines:

http server enable
http 192.168.1.0 255.255.255.0 inside


But I hadn't added:

aaa authentication enable console LOCAL
aaa authentication serial console LOCAL
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL


After doing so, I'm able to log in.

Thank you InteraX!

Expert Comment

by:InteraX
ID: 39694975
TBH, the only command you needed to get local user authentication working was

aaa authentication http console LOCAL

The other commands set up local user authentication for ssh, telnet, serial types of access and also will require the user password for moving into enable mode from the command line.
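
A way to check a saved running-config for the pieces this thread ended up needing, for example before upgrading to 9.1(3). This is an added example, not from any poster or from Cisco. The function name, sample config, user name and hash placeholder are constructed, and only the IPv4 form of the `http` access line is matched.

```python
import re

# Constructed sample: roughly the asker's config before the fix.
# "admin" and the hash placeholder are made up for illustration.
SAMPLE_BEFORE = """\
http server enable
http 192.168.1.0 255.255.255.0 inside
username admin password <hash-placeholder> encrypted privilege 15
"""
SAMPLE_AFTER = SAMPLE_BEFORE + "aaa authentication http console LOCAL\n"


def asdm_login_gaps(running_config):
    """Return the ASDM login prerequisites from this thread that are missing."""
    lines = [ln.strip() for ln in running_config.splitlines()]

    def present(pattern):
        return any(re.fullmatch(pattern, ln) for ln in lines)

    gaps = []
    # The HTTPS server ASDM connects to (an optional port may follow).
    if not present(r"http server enable( \d+)?"):
        gaps.append("http server enable")
    # Which source network may reach it, and on which interface (IPv4 form only).
    if not present(r"http \d+(\.\d+){3} \d+(\.\d+){3} \S+"):
        gaps.append("http <network> <mask> <interface>")
    # The line the asker was missing: 9.1(3) and later no longer accept a blank
    # username with the enable password. A server group may replace LOCAL.
    aaa = [m for ln in lines
           if (m := re.fullmatch(r"aaa authentication http console (\S+)( LOCAL)?", ln))]
    if not aaa:
        gaps.append("aaa authentication http console LOCAL")
    # LOCAL (alone or as fallback) needs at least one user in the local database.
    uses_local = not aaa or any(m.group(1) == "LOCAL" or m.group(2) for m in aaa)
    if uses_local and not present(r"username \S+ (password|nopassword)\b.*"):
        gaps.append("username <name> password <password> privilege 15")
    return gaps


if __name__ == "__main__":
    for label, cfg in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(label, "->", asdm_login_gaps(cfg) or "ASDM login prerequisites present")
```
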