11-06-2013 12:46 AM - edited 03-11-2019 08:00 PM
hi all,
i'm just wondering if we could do fancy ASCII text/art on ASA's banner.
i tried to do the same as my other devices but it's doesn't accept it.
ASA5505(config)# banner login +-----------------------------------------------$
ASA5505(config)# | This equipment is privately owned and monitored. $
| This equipment is privately owned and monitored. |
^
ERROR: % Invalid input detected at '^' marker.
SW2#sh run | b banner
banner login ^C
+--------------------------------------------------------------+
| This equipment is privately owned and monitored. |
| Disconnect immediately if you are not an authorized user. |
+--------------------------------------------------------------+
^C
Solved! Go to Solution.
11-06-2013 12:57 AM
The problem with the banner is though that it doesnt show up with SSH. Seems only show up with Telnet and I dont really use Telnet to manage the ASAs
You can get a message after the login but that doesnt really serve the purpose.
For that you can use
banner motd
or
banner exec
- Jouni
11-06-2013 01:30 AM
changing from user to enable mode is not a login-process. The banner motd is also only shown at the start of the exec- session. I'm not aware of a banner that can be shown while changing from user- to enable-mode.
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
11-06-2013 12:50 AM
Hi,
Its a bit different compared to the Cisco Routers and Switches.
Add the configuration command "banner login" at the start of each line and it should be fine to my understanding
banner login +--------------------------------------------------------------+
banner login | This equipment is privately owned and monitored. |
banner login | Disconnect immediately if you are not an authorized user. |
banner login +--------------------------------------------------------------+
Hope this helps
- Jouni
11-06-2013 12:57 AM
The problem with the banner is though that it doesnt show up with SSH. Seems only show up with Telnet and I dont really use Telnet to manage the ASAs
You can get a message after the login but that doesnt really serve the purpose.
For that you can use
banner motd
or
banner exec
- Jouni
11-06-2013 01:05 AM
The "banner login" is used to get the message bofore the login:
schlipp:~ karsten$ ssh -l test 10.255.192.254
#####################################################
# #
# Access to this device or the attached networks #
# is prohibited without express written permission. #
# Violators will be prosecuted to the fullest #
# extent of both civil and criminal law. #
# #
#####################################################
test@10.255.192.254's password:
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
11-06-2013 01:13 AM
Hmm,
Is this something related to Putty client then or why does it now work for me?
Found a lot of posts regarding this problem also
- Jouni
11-06-2013 01:18 AM
I remember that older putty-versions suppressed the banner before the login, but the actual version shows the login-banner directly after you input your login-name.
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
11-06-2013 12:50 AM
On the ASA, the banner is configured differently then on a switch or router. Instead of having a start- and end-character, you use multiple lines of "banner login":
banner login #####################################################
banner login # #
banner login # Access to this device or the attached networks #
banner login # is prohibited without express written permission. #
banner login # Violators will be prosecuted to the fullest #
banner login # extent of both civil and criminal law. #
banner login # #
banner login #####################################################
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
11-06-2013 01:21 AM
guys,
i tried to do as advised but it seems not working.
i'm using teraterm, not sure if it's related to the SSH client used.
should i use banner motd instead?
ASA5505(config)# banner login +-----------------------------------------------$
ASA5505(config)# banner login | This equipment is privately owned and monitore$
ASA5505(config)# banner login | Disconnect immediately if you are not an autho$
ASA5505(config)# banner login +-----------------------------------------------$
ASA5505(config)# sh run banner
banner login +--------------------------------------------------------------+
banner login | This equipment is privately owned and monitored. |
banner login | Disconnect immediately if you are not an authorized user. |
banner login +--------------------------------------------------------------+
----
Type help or '?' for a list of available commands.
ASA5505> en
Password: *****
ASA5505#
- edit: nevermind, it's due to SSH access. i tried what jouni suggested to use either banner motd or banner exec.
i ended up using banner motd and it displays nicely now. thanks for all your help!
+--------------------------------------------------------------+
| This equipment is privately owned and monitored. |
| Disconnect immediately if you are not an authorized user. |
+--------------------------------------------------------------+
Type help or '?' for a list of available commands.
ASA5505>
11-06-2013 01:30 AM
changing from user to enable mode is not a login-process. The banner motd is also only shown at the start of the exec- session. I'm not aware of a banner that can be shown while changing from user- to enable-mode.
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
07-31-2023 06:21 AM
Hi.
You can you ASCII generated fonts from ASCII art generator
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide