I have an ASA, and it appears as if the enable passwords are different on the Console than on the ASDM. I can logon to the
ASDM successfully using the enable password, but if I SSH into the ASA, when it asks for an enable password, and I put
the same one in I used for the ASDM in, it doesn't work. Is this normal or is there something else going on?
ASDM will allow a level15 user to get full admin privilege level using their user password. A user logging in on console (or vty) will always need to provide enable password to move into enable mode.
If you want to make the console enable password match, you can update it from ASDM (Configuration, Device Setup, Device Name / Password).
That does not seem to work.
If I goto: ASDM -> Config -> Device Setup -> Device Namep / Password
then tick the "Enable Password" checkbox to change the password
then type and confirm my new password
then click Apply
then click Save button
When I go into the CLI (via serial connection and putty), that new password is still Invalid.
Am I doing something wrong?
Which ASA model and software version are you running?
The ASDM will use the password from your Username, while when logging in to the console it will use the enable password when you enter exec mode (when you type "enable"). If you want to use the same password for the enable password as you do for the ASDM for both SSH and console you can enter these two commands:
aaa authentication enable console LOCAL
aaa authentication serial console LOCAL
You should now be able to use your username password as the enable password.
Please remember to select a correct answer and rate helpful posts