ASDM enable password and console enable password

JohnTylerPearce · ‎03-15-2012

I have an ASA, and it appears as if the enable passwords are different on the Console than on the ASDM. I can logon to the

ASDM successfully using the enable password, but if I SSH into the ASA, when it asks for an enable password, and I put

the same one in I used for the ASDM in, it doesn't work. Is this normal or is there something else going on?

Marvin Rhoads · ‎03-15-2012

ASDM will allow a level15 user to get full admin privilege level using their user password. A user logging in on console (or vty) will always need to provide enable password to move into enable mode.

If you want to make the console enable password match, you can update it from ASDM (Configuration, Device Setup, Device Name / Password).

matthew.greenwood · ‎01-25-2017

That does not seem to work.

If I goto: ASDM -> Config -> Device Setup -> Device Namep / Password

then tick the "Enable Password" checkbox to change the password

then type and confirm my new password

then click Apply

then click Save button

When I go into the CLI (via serial connection and putty), that new password is still Invalid.

Am I doing something wrong?

Marius Gunnerud · ‎01-25-2017

Which ASA model and software version are you running?

The ASDM will use the password from your Username, while when logging in to the console it will use the enable password when you enter exec mode (when you type "enable"). If you want to use the same password for the enable password as you do for the ASDM for both SSH and console you can enter these two commands:

aaa authentication enable console LOCAL
aaa authentication serial console LOCAL

You should now be able to use your username password as the enable password.

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts