cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2550
Views
0
Helpful
5
Replies

ASA 5510 PASSWORD POLICY NOT CONFIGURED

Hi All ,

 

Have a great day to all!!!

 

I have to configure the password policy on my cisco asa 5510 firewall But when I am trying to configure it I am not able to configure it .

the configuration command is not supported.

Please suggest that it is IOS issue or there is another method to configure it .Also please suggest the IOS version from which I have to upgrade it if this is the IOS issue .

 

Please suggest the solution ...........

 

Please find the show version of firewall.

MAIN-ASA5510-FW01# sh ver

Cisco Adaptive Security Appliance Software Version 8.2(3) 
Device Manager Version 6.3(3)

Compiled on Fri 06-Aug-10 07:51 by builders
System image file is "disk0:/asa823-k8.bin"
Config file at boot was "startup-config"

MAIN-ASA5510-FW01 up 1 hour 17 mins
failover cluster up 1 hour 17 mins

Hardware:   ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
                             Boot microcode   : CN1000-MC-BOOT-2.00 
                             SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
                             IPSec microcode  : CNlite-MC-IPSECm-MAIN-2.04

 0: Ext: Ethernet0/0         : address is 8843.e10c.4192, irq 9
 1: Ext: Ethernet0/1         : address is 8843.e10c.4193, irq 9
 2: Ext: Ethernet0/2         : address is 8843.e10c.4194, irq 9
 3: Ext: Ethernet0/3         : address is 8843.e10c.4195, irq 9
 4: Ext: Management0/0       : address is 8843.e10c.4191, irq 11
              
 5: Int: Internal-Data0/0    : address is 0000.0001.0002, irq 11
 6: Int: Not used            : irq 5
 7: Ext: GigabitEthernet1/0  : address is 0019.2f58.c456, irq 255
 8: Ext: GigabitEthernet1/1  : address is 0019.2f58.c457, irq 255
 9: Ext: GigabitEthernet1/2  : address is 0019.2f58.c458, irq 255
10: Ext: GigabitEthernet1/3  : address is 0019.2f58.c459, irq 255
11: Int: Internal-Data1/0    : address is 0000.0003.0002, irq 255

Licensed features for this platform:
Maximum Physical Interfaces    : Unlimited 
Maximum VLANs                  : 100       
Inside Hosts                   : Unlimited 
Failover                       : Active/Active
VPN-DES                        : Enabled   
VPN-3DES-AES                   : Enabled   
Security Contexts              : 2         
GTP/GPRS                       : Disabled  
SSL VPN Peers                  : 2         
Total VPN Peers                : 250       
Shared License                 : Disabled
AnyConnect for Mobile          : Disabled  
AnyConnect for Cisco VPN Phone : Disabled  
AnyConnect Essentials          : Disabled  
Advanced Endpoint Assessment   : Disabled  
              
UC Phone Proxy Sessions        : 2         
Total UC Proxy Sessions        : 2         
Botnet Traffic Filter          : Disabled  

This platform has an ASA 5510 Security Plus license.

Serial Number: JMX1416L4EL
Running Activation Key: 0x7237ea5d 0x34cd7322 0x7073cd8c 0x9f348400 0x890c0ca1 
Configuration register is 0x2001
Configuration last modified by enable_15 at 18:32:10.559 IST Mon Jul 28 2014

5 Replies 5

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

 

Can you please tell us what commands you are trying to use. You did not mention them and they are quite essential to determine what the problem is.

 

- Jouni

Hi Jouni,

 

Thanks for the reply.

The commands which i am using to configure it is mention below.

Because I want to set the password length and its complexity by defining the minimum and maximum number of different type of character like number ,small letter,capital letter,special character etc.

#############################

#change-password,

#password-policy lifetime,

#password-policy minimum changes,

#password-policy minimum-length,
#password-policy minimum-lowercase,

#password-policy minimum-uppercase,
#password-policy minimum-numeric,

#password-policy minimum-special,

#password-policy authenticate enable,

#clear configure password-policy,

#show running-config password-policy.

 

 

Please reply I am waiting for you reply.......

hi,

these commands are supported on 8.4(4.1) code. refer table 35-3 from link:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/access_aaa.html#wp1055631

Hi John,

 

Thanks for reply.

Means I have to upgrade my IOS from 8.2.3 to 8.4.4(1).

Could i upgrade the ios directly from 8.2.3 to 8.4.4(1) or I have to go sequentially .Is there any boundation to update it regarding version .

 

Also my current asdm version is 6.3.3 and as per compatibility matrix of ios and asdm I have upgrade it with 6.4.9 or later.

Please suggest that can i directly upgrade the asdm version  from 6.3.3 to 6.4.9 .

 

Also please suggest after the upgradation of ios and asdm software there will be any change in old configuration or the configuration will remain unchanged.

also after upgradation is there any requirement to install the feature key again .

 

please suggest.....

 

Thanks & Regards,

Madhuraj

Hi All,

 

Have a nice day !!!

 

please suggest the solution as mention above for the process of ios and asdm upgradation. I am little bit in doubt about the configuration change after the asa upgrade with new ios . and also licence change or require a new license or install the licence key again.

 

please suggest about the mention problem.

 

 

rgds,

madhuraj

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: