That's great! I will try that.

is there another way of accessing the ASA console? I heard somewhere that people use ssh or something like it.

When I tried just now the command ssh 192.168.1.1 from under the Operating System command prompt, nothing happens. Maybe I need to specify other parameters.

Thank you

From: halijenn >

Reply-To: "cisco-support@sgaur.hosted.jivesoftware.com" >

Date: Thu, 15 Sep 2011 19:06:28 -0600

To: edward >

Subject: - Re: ASA5505 Console Issue

#####################################################################################

This e-mail message has been scanned for Viruses and Content and cleared

by MailMarshal

Yes, you can SSH/Telnet to the ASA.

To SSH, you would need to use SSH Client software, eg: SecurCRT or Putty.

To telnet, you can just telnet using the OS DOS command prompt.

You would need to enable telnet and SSH on the ASA if you are planning to use either telnet/ssh.

Once enabled, For telnet, you can telnet to any of the high security level interface, with the exception of the lowest security level interface.

For SSH, you can SSH to any of the ASA interfaces.

Yes I get a permission denied and you are right I need to enable it. Would you happen to know how to enable telnet/ssh under ASDM?

Thank you

From: halijenn >

Reply-To: "cisco-support@sgaur.hosted.jivesoftware.com" >

Date: Thu, 15 Sep 2011 19:20:39 -0600

To: edward >

Subject: - Re: ASA5505 Console Issue

#####################################################################################

This e-mail message has been scanned for Viruses and Content and cleared

by MailMarshal

Depending on which interface you are trying to telnet to and what ip address you are coming from.

If you would like to telnet to the ASA inside interface and allowing all IP Address to have the ability to telnet:

telnet 0 0 inside

For ssh to both inside and outside interface:

ssh 0 0 inside

ssh 0 0 outside

Hi Jennifer,

ssh it's not letting me in (see Terminal window image) ! and yet I have enabled ssh and telnet in ASDM Java Console.

I tried accessing the console using both default admin account, and a second account called edward

I know I must be so close to resolving this, but still not there! :-)

thanks for your help

Try to use the default username: pix and password: cisco, and see if you can log in.

I tried all SSH 192.168.1.1 userid/password combinations but no luck!

Would you know of a way of resetting the ASA admin password from inside the ASDM Command Line Interface?

Thank you for your patience and support

From: halijenn >

Reply-To: "cisco-support@sgaur.hosted.jivesoftware.com" >

Date: Thu, 15 Sep 2011 20:46:48 -0600

To: edward >

Subject: - Re: ASA5505 Console Issue

Cisco Support Community<>

Re: ASA5505 Console Issue

created by Jennifer Halim<> in Firewalling - View the full discussion<>

You would also need to configure the AAA authentication if you haven't for SSH and Telnet:

aaa authentication telnet console LOCAL

aaa authentication ssh console LOCAL

Then try to login with the username that you have configured on the ASA.

Hi Jennifer,

I have good news! I can access the console using both telnet and ssh however only a subset of the ASA commands will work!

For example, these commands are recognised:-

show version

show local host

Whereas the following will not work:-

crypto key generate rsa label sslvpnkeypair

Have a look here:-

Last login: Fri Sep 16 14:29:39 on ttys001

192-168-1-200:~ edward$ ssh edward@192.168.1.1

edward@192.168.1.1's password:

Type help or '?' for a list of available commands.

ciscoasa> show running-config

^

ERROR: % Invalid input detected at '^' marker.

ciscoasa> "sh run"

^

ERROR: % Invalid input detected at '^' marker.

ciscoasa> crypto key generate rsa label sslvpnkeypair

^

ERROR: % Invalid input detected at '^' marker.

ciscoasa

At the moment, when you log in, you are at the most basic level, so you can only issue a few commands.

To go to the next level of command, you would need to type in "enable", that will bring you to enable mode.

You would be able to issue all the "show" commands within enable mode.

If you need to configure anything, then you would need to go to the configuration mode. To go to config mode, from enable mode, type in "conf t".

Once you are in config mode, you can pretty much enter any commands and the configuration will take effect immediately as soon as you configure it.

Hi Jennifer,

Everything works perfectly now!

I don’t know how to thank you enough for your support.

Enjoy the coming weekend

Bye

Edward

From: halijenn >

Reply-To: "cisco-support@sgaur.hosted.jivesoftware.com" >

Date: Fri, 16 Sep 2011 00:09:49 -0600

To: edward >

Subject: - Re: ASA5505 Console Issue

#####################################################################################

This e-mail message has been scanned for Viruses and Content and cleared

by MailMarshal