06-07-2018 02:07 AM - edited 02-21-2020 07:51 AM
Hi everyone,
I would like to disable the usb port on the firewall in order to block physical access. But I didn't find the CLI command (ASA v9.8.1)
Having tried to search in this forum, people said it is impossible to do.
Did someone succeed to do it?
Thanks.
Regards.
06-07-2018 04:32 AM
hw-module usb disable try that
06-07-2018 04:39 AM
I've already tried this.
This command is not recognized.
Regards.
06-15-2018 06:39 AM
I have inserted a usb key with FAT format on one usb port (below the mngt port), nothing happened.
When I run the command DIR, I saw only disk0.
06-15-2018 12:51 PM
06-16-2018 08:55 AM
Hi Florin,
The firewall is ASA 5525-X with v9.8(1).
I'd like to disable the usb key as said on the title.
But I cannot disable it if I don't see disk1.
Regards.
06-16-2018 10:35 PM
By default the "dir" command will only show you disk0 (internal compact flash card).
If a FAT-formatted USB storage device is connected to the external USB port, you should be able to see its contents with "dir disk1:"
You cannot disable the ASA USB port in software. If you order the FIPS kit it will include a set of tamper resistant stickers - you can apply one of those over the physical port to prevent/detect its use. You can also disable access to it it physically - I have seen epoxy used to fill the port in high security environments!
06-18-2018 03:02 AM
Thank you for your response.
I don't know what are the uses of these usb ports designed originally.
Especially on a security appliance where physical access is not permitted in most cases.
So I have to put sticker on it. Sorry that I have no other choice.
10-03-2024 10:45 PM
We requested Cisco to add this feature for FPR1120 running ASA code and it is now available cisco-asa-fp1k.9.22.1.1.SPA and above. Not sue if it is also compatible with older ASA5xxx series firewalls
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide