Filter
Top Products
40-15
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 40 Configuring Management Access
Configuring AAA for System Administrators
The management interface is assigned, and the change is saved to the running configuration.
Configuring AAA for System Administrators
This section describes how to enable authentication and command authorization for system
administrators. Before you configure AAA for system administrators, first configure the local database
or AAA server according to procedures listed in Chapter 38, “Configuring AAA Servers and the Local
Database.”
This section includes the following topics:
• Information About AAA for System Administrators, page 40-15
• Licensing Requirements for AAA for System Administrators, page 40-18
• Prerequisites, page 40-18
• Guidelines and Limitations, page 40-19
• Default Settings, page 40-19
• Configuring Authentication for CLI, ASDM, and enable command Access, page 40-20
• Limiting User CLI and ASDM Access with Management Authorization, page 40-21
• Configuring Command Authorization, page 40-22
• Configuring Management Access Accounting, page 40-28
• Viewing the Currently Logged-In User, page 40-28
• Recovering from a Lockout, page 40-29
• Setting a Management Session Quota, page 40-30
Information About AAA for System Administrators
This section describes AAA for system administrators and includes the following topics:
• Information About Management Authentication, page 40-15
• Information About Command Authorization, page 40-16
Information About Management Authentication
This section describes authentication for management access and includes the following topics:
• Comparing CLI Access with and without Authentication, page 40-15
• Comparing ASDM Access with and without Authentication, page 40-16
Comparing CLI Access with and without Authentication
How you log into the ASA depends on whether or not you enable authentication:
• If you do not enable any authentication for Telnet, you do not enter a username; you enter the login
password. For SSH, you enter the username and the login password. You access user EXEC mode.