cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2143
Views
20
Helpful
4
Replies

ASDM asks for re-login

Florin Barhala
Level 6
Level 6

Hi guys,

 

I have two 5506 boxes running 9.8.3 patch 29. I login first time with ASDM and perform whatever tasks.

I left ASDM open and move to other windows (probably a browser); after couple minutes a pop up from ASDM login credetials shows up.

1.PNG

 

Obviously if I return to ASDM to make any other change I have to again enter my password.

Any idea how can I avoid re-login until next time I close/open ASDM?

Here's AAA config:

show run aaa
aaa authentication serial console LOCAL
aaa authentication http console RADIUS_GROUP LOCAL
aaa authentication ssh console RADIUS_GROUP LOCAL
aaa authentication enable console RADIUS_GROUP LOCAL
aaa authorization command LOCAL
aaa accounting serial console RADIUS_GROUP
aaa accounting enable console RADIUS_GROUP
aaa accounting ssh console RADIUS_GROUP
aaa local authentication attempts max-fail 5
aaa authorization exec authentication-server auto-enable

 

Thanks,

Florin.

4 Replies 4

Ben Walters
Level 3
Level 3

I believe this is related to the idle timeout, the command would be http server idle-timeout x and you would specify a value in minutes. 

 

Hopefully this is helpful.

It might be - I ll try tomorrow; before that I have two questions:
idle-timeout Idle timeout in minutes (single routed mode only in case of ASDM)
session-timeout Session timeout in minutes (single routed mode only)

I am clear about idle-timeout, but what exactly does session-timeout means?
2nd: If I have another firewall like this
asa01/admin/pri/act#show mode
Security context mode: multiple
asa01/admin/pri/act# show firewall
Firewall mode: Router

Does this means none of the two settings do apply?

The session timeout is a hard limit on the connection time, even if the session is being used, if you had it set to say 10 min the ASA would end the session after 10 minutes even if you were actively using it. 

 

As for multi context mode I'm not too familiar with it but according to the config guide you should be able to use the commands. 

 

In multiple context mode, complete this procedure in the context execution space. To change from the system to a context configuration, enter changeto context name.

 

I asked that because under same ASDM I have these two single routed mode FWs which keep asking for re-login.
But there are several context mode FWs with same settings for "show run all http" which don't care about re-login/don't ask for password once I logged on, no matter how much time.

Thoughts?
P.S. all FWs OS version.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: