Solved

Cisco ASA 5505 - Unable to access ASDM

Posted on 2013-12-02
4
10,410 Views
Last Modified: 2013-12-04
I've got a cisco asa 5505, running ASA version 9.1.3 and ASDM version 7.1.4. I've issued "write erase" reload the device, then issue "config factory-default". I save the config using "wr" and reload again.

I am unable for the life of me to login to the ASDM using a blank username and password.

I've tried to create a user with level 15 privileges, and login that way, but it's not working either.

I found on cisco's website: http://www.cisco.com/en/US/docs/security/asdm/7_1/release/notes/rn71.html

ASDM login issue in 9.1(3) and later—You can no longer log into ASDM with no username and the enable password. You must configure ASDM AAA authentication (Configuration > Device Management > Users/AAA > AAA Access > Authentication and associated username configuration) and/or ASDM certificate authentication (Configuration > Device Management > Management Access > ASDM/HTTPS/Telnet/SSH). Before you upgrade to 9.1(3), be sure to configure one of these authentication methods. (CSCuj50862)

How am I supposed to do that if I can't access the asdm?

Any ideas??
0
Comment
Question by:Wetjet
  • 2
4 Comments
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 39692078
After creating the user, did you also add something like:

http server enable
http 192.168.1.0 255.255.255.0 inside
0
 
LVL 16

Accepted Solution

by:
InteraX earned 500 total points
ID: 39692961
Once you've done all of the abopve, enter the following on the command line. This will enable user based authentication for all interactive management. The LOCAL refers to the local database which is where users you create on the command line are created.

aaa authentication enable console LOCAL
aaa authentication serial console LOCAL
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
0
 

Author Comment

by:Wetjet
ID: 39693293
I did add the lines:

http server enable
http 192.168.1.0 255.255.255.0 inside


But I hadn't added:

aaa authentication enable console LOCAL
aaa authentication serial console LOCAL
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL


After doing so, I'm able to log in.

Thank you InteraX!
0
 
LVL 16

Expert Comment

by:InteraX
ID: 39694975
TBH, the only command you needed to get local user authentication working was

aaa authentication http console LOCAL

The other commands setup local user authentication for ssh, telnet, serial types of access and also will require the user password for moving into enable mode from the command line.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

Suggested Solutions

Hello All, I have been training on Multicast for a while now and whenever I start the topic , I find out that my friends /  Colleagues mention that they do not know how to test Multicast Joins. As most of the multicast would be video traffic and …
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now