Solved

Cisco ASA 5505 - Unable to access ASDM

Posted on 2013-12-02
4
11,071 Views
Last Modified: 2013-12-04
I've got a cisco asa 5505, running ASA version 9.1.3 and ASDM version 7.1.4. I've issued "write erase" reload the device, then issue "config factory-default". I save the config using "wr" and reload again.

I am unable for the life of me to login to the ASDM using a blank username and password.

I've tried to create a user with level 15 privileges, and login that way, but it's not working either.

I found on cisco's website: http://www.cisco.com/en/US/docs/security/asdm/7_1/release/notes/rn71.html

ASDM login issue in 9.1(3) and later—You can no longer log into ASDM with no username and the enable password. You must configure ASDM AAA authentication (Configuration > Device Management > Users/AAA > AAA Access > Authentication and associated username configuration) and/or ASDM certificate authentication (Configuration > Device Management > Management Access > ASDM/HTTPS/Telnet/SSH). Before you upgrade to 9.1(3), be sure to configure one of these authentication methods. (CSCuj50862)

How am I supposed to do that if I can't access the asdm?

Any ideas??
0
Comment
Question by:Wetjet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 39692078
After creating the user, did you also add something like:

http server enable
http 192.168.1.0 255.255.255.0 inside
0
 
LVL 16

Accepted Solution

by:
InteraX earned 500 total points
ID: 39692961
Once you've done all of the abopve, enter the following on the command line. This will enable user based authentication for all interactive management. The LOCAL refers to the local database which is where users you create on the command line are created.

aaa authentication enable console LOCAL
aaa authentication serial console LOCAL
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
0
 

Author Comment

by:Wetjet
ID: 39693293
I did add the lines:

http server enable
http 192.168.1.0 255.255.255.0 inside


But I hadn't added:

aaa authentication enable console LOCAL
aaa authentication serial console LOCAL
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL


After doing so, I'm able to log in.

Thank you InteraX!
0
 
LVL 16

Expert Comment

by:InteraX
ID: 39694975
TBH, the only command you needed to get local user authentication working was

aaa authentication http console LOCAL

The other commands setup local user authentication for ssh, telnet, serial types of access and also will require the user password for moving into enable mode from the command line.
0

Featured Post

Turn your laptop into a mobile console!

The CV211 Laptop USB Console Adapter provides a direct Laptop-to-Computer connection for fast and easy remote desktop access with no software to install.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question