cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2311
Views
0
Helpful
8
Replies

Cisco ASA 5512-X Cannot login via console

unrealone1
Level 1
Level 1

Hi,

Tried logging in via ASDM, but apperantly there is a command I need to run first.

So plugged console cable into my laptop and firewall, ciscoasa> comes up, but I cannot log into it?

I thought username: cisco and password: cisco were the defaults? Any ideas?

1 Accepted Solution

Accepted Solutions

You don't.- it's the (free) "3DES/AES License" you need - as I noted in my initial post. It just coincidentally appears on the same page as IPS licenses.

The 3DES/AES License allows your ASA to support strong encryption that is built into all modern web browsers. Without it, the https transport cannot negotiate to an acceptably strong cipher suite.

View solution in original post

8 Replies 8

unrealone1
Level 1
Level 1

Managed to login to the asa via the console, didnt type the enable command.

Have another question, I still cannot access the ASDM via the MGMT port on 192.168.1.1, so I typed the below command as https://supportforums.cisco.com/thread/2198194 suggested:

ssl encryption aes128-sha1 3des-sha1

and I get a message:

The 3DES/AES algorithms require a VPN-3DES-AES activation key

Any ideas?

Your ASA was not ordered with the strong encryption option. Assuming you're not in a prohibited country (e.g. North Korea, Iran etc.), you can go the the licensing portal and get the necessary activation key in just a few minutes.

https://tools.cisco.com/SWIFT/LicensingUI/Quickstart

Choose Get New > IPS, Crypto or Other licenses. On the subsequent page choose Security Products > Cisco ASA 3DES/AES License. Provide your serial number and the portal will generate the activation-key you need via e-mail with instructions to install it.

Hi,

I went to the above link but I couldnt see an option for IPS.

Can you be more specfic with the instructions.

Start licensing wizard?

See the following screen shots (click to enlarge) for Step #1, #2 and #3 following the link I posted above.

Capture.JPG

Capture.JPG

Capture.JPG

Marvin, many thanks for that. I dont seem to have these options in the screen shot? logged in etc. Firewall is not registered on my account yet, this why? If so how do I go about this?

123.jpg

Was because I was using IE11 ! Tried Firefox and I have the available options.

Anyway, gone through all the steps and get stuck here:

License.jpg

Marvin,

Why do I need this IPS license? My old ASA5510 didnt require an IPS license to access the ASDM?

You don't.- it's the (free) "3DES/AES License" you need - as I noted in my initial post. It just coincidentally appears on the same page as IPS licenses.

The 3DES/AES License allows your ASA to support strong encryption that is built into all modern web browsers. Without it, the https transport cannot negotiate to an acceptably strong cipher suite.

Review Cisco Networking for a $25 gift card