hit counter script

Cli Access Overview; Asdm Access Overview; Authenticating Sessions From The Switch To The Fwsm - Cisco 7604 Configuration Manual

Catalyst 6500 series switch and cisco 7600 series router firewall services module configuration guide using the cli
Hide thumbs Also See for 7604:
Table of Contents

Advertisement

Chapter 23
Configuring Management Access

CLI Access Overview

Before the FWSM can authenticate a Telnet or SSH user, you must first configure access to the FWSM
using the telnet or ssh commands (see the
SSH Access" section on page
communicate with the FWSM. The exception is for access to the system in multiple context mode; a
session from the switch to the FWSM is a Telnet session, but the telnet command is not required.
After you connect to the FWSM, you log in and access user EXEC mode.
To enter privileged EXEC mode, enter the enable command or the login command (if you are using the
local database only).
For authentication using the local database, you can use the login command, which maintains the
username but requires no configuration to turn on authentication.

ASDM Access Overview

By default, you can log into ASDM with a blank username and the enable password set by the enable
password command. However, if you enter a username and password at the login screen (instead of
leaving the username blank), ASDM checks the local database for a match.
Although you can configure HTTP authentication according to this section and specify the local
database, that functionality is always enabled by default. You should only configure HTTP
authentication if you want to use a RADIUS or TACACS+ server for authentication.

Authenticating Sessions from the Switch to the FWSM

In multiple context mode, you cannot configure any AAA commands in the system configuration.
However, if you configure Telnet authentication in the admin context, then authentication also applies
to sessions from the switch to the FWSM (which enters the system execution space). The admin context
AAA server or local user database are used in this instance.
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01
Authenticating Sessions from the Switch to the FWSM, page 23-11
Enabling CLI or ASDM Authentication, page 23-12
23-2). These commands identify the IP addresses that are allowed to
If you do not enable any authentication for Telnet, you do not enter a username; you enter the login
password (set with the password command). For SSH, you enter "pix" as the username, and enter
the login password.
If you enable Telnet or SSH authentication according to this section, you enter the username and
password as defined on the AAA server or local user database.
If you do not configure enable authentication, enter the system enable password when you enter the
enable command (set by the enable password command). However, if you do not use enable
authentication, after you enter the enable command, you are no longer logged in as a particular user.
To maintain your username, use enable authentication.
If you configure enable authentication (see the
Command" section on page
"Allowing Telnet Access" section on page 23-1
"Configuring Authentication for the Enable
23-13), the FWSM prompts you for your username and password.
AAA for System Administrators
and
"Allowing
23-11

Hide quick links:

Advertisement

Table of Contents
loading

This manual is also suitable for:

7609-s76137606-sCatalyst 6500 series7600 series

Table of Contents