11-12-2020 03:53 PM
hi all
i have asa 3des license key and i cant add the activation key using cli because i unable to go to configuration mode (no config t command on cli )
im using FTD local managing the asa
EGCAI01-Firepower# show version
---------------[ EGCAI01-Firepower ]----------------
Model : Cisco ASA5516-X Threat Defense (75) Version 6.5.0 (Build 115)
UUID : 2edfecc2-e0fc-11ea-8172-ea9e617e90fb
Rules update version : 2019-08-12-001-vrt
VDB version : 309
----------------------------------------------------
11-12-2020 06:32 PM
11-13-2020 01:35 AM
so how can i get this privilege ? im the owner of this device and the only one who manage this ?
is there another way to install this strong encryption license on asa like tftp app or something else?
how can i have full privilege on my ASA ? is there a way ?
11-13-2020 02:18 AM
11-13-2020 02:40 AM
this what i using the default but just changed the password
Login UID Auth Access Enabled Reset Exp Warn Str Lock Max
admin 1000 Local Config Enabled No Never N/A Dis No N/A
how to create local admin user with full access so it can be access on enable mode and config mode ?
is there a way for that ?
11-13-2020 03:02 AM - edited 11-13-2020 03:04 AM
i have just created admin user now and is this can have the config mode?
> show user
Login UID Auth Access Enabled Reset Exp Warn Str Lock Max
i connected to asa via ssh with new username and password but same issue there is no config mode ?
rick 1002 Local Config Enabled No Never N/A Dis No 5
11-14-2020 11:20 AM - edited 11-14-2020 11:21 AM
You seem to have FTD installed on your ASA hardware. If that is the case, then you can't apply anymore any command on the box through the Lina/ASA console. Also, please note that 3des is deprecated and should not be used anymore. Your licenses to the FTD appliance should be applied through your Cisco smart account.
11-15-2020 04:03 AM - edited 11-15-2020 04:04 AM
You are running Firepower Threat Defense (FTD) image version 6.5.0. That is not the ASA image.
An ASA 3DES-AES license does not apply to an appliance running FTD (whether it is ASA or Firepower hardware).
Additionally, FTD does not have a "config" command mode like ASA software does. There are a very few commands you can enter with the configuration keyword (and licensing is not among them).
01-05-2021 06:02 AM - edited 01-05-2021 06:11 AM
I have a problem with deploying any changes to my ASA5516-X and this happen suddenly and cant change the configurations or do any changes ?? how to solve this ?
I have below weird msg when im trying to login to asa using ssh
Last login: Tue Jan 5 13:53:29 UTC 2021 from 10.246.14.222 on pts/0
Copyright 2004-2019, Cisco and/or its affiliates. All rights reserved.
Cisco is a registered trademark of Cisco Systems, Inc.
All other trademarks are property of their respective owners.
Cisco Fire Linux OS v6.5.0 (build 4)
Cisco ASA5516-X Threat Defense v6.5.0 (build 115)
You have logged in while system startup is in progress. Please wait, some feature may be unavailable until startup is complete.
GCAI01-Firepower# show version
---------------[ EGCAI01-Firepower ]----------------
Model : Cisco ASA5516-X Threat Defense (75) Version 6.5.0 (Build 115)
UUID : 2edfecc2-e0fc-11ea-8172-ea9e617e90fb
Rules update version : 2019-08-12-001-vrt
VDB version : 309
----------------------------------------------------
another thing maybe it help:
i cant configure new local use with below error :
> configure user add munir config
Enter new password for user munir:
Confirm new password for user munir:
Couldn't connect to DB at /ngfw/usr/local/sf/lib/perl/5.10.1/SF/Permission.pm line 710.
Printing stack trace:
called from /ngfw/usr/local/sf/lib/perl/5.10.1/SF/Permission.pm (710)
called from /usr/local/sf/bin/cli_usrmgr (322)
called from /usr/local/sf/bin/cli_usrmgr (781)
01-05-2021 06:09 AM
Hi @amralrazzaz
The error messages indicates the services haven't finished starting, how long have you waited?
Regardless, the FTD is configured via the WebGUI. Have you logged into FDM to apply the configuration change?
HTH
01-05-2021 06:18 AM
@Rob Ingram hi
i was rebooting the asa device and waiting for now 30 mins and then same issue ?
i can access to FTD with admin account but no changes can be applied !!
any changes said ( Last Deployment Failed ) --- check attached
Rob Ingram
01-05-2021 06:25 AM
Unfortunately that screenshot doesn't provide much information, what does the see details button reveal as to the cause of the issue?
FYI, you appear to be running 6.5.0, you might want to consider upgrading to the latest 6.5 patch 4 or upgrading to 6.6.1 which is the gold star recommended version.
01-05-2021 06:34 AM
PLEASE check the attached showing more details?
and also why this happen to my asa ?! im just bought it since only 5 months or less and if i dont wanna go with the upgrade option ? what shall i do ? is there any solution without upgrading ?
also can cause this issue?
and why i cant create local user ? or delete existing one ? maybe if i delete the user and recreate again issue with gone or something?? actually i don't know !!
01-05-2021 06:44 AM
That still doesn't provide any useful information, click > this should expand and provide more information and clue as to the issue.
6.5.0 is the first version of that FTD release, there are a lot of bugs that would have been resolved in the subsequent patches - your issue may or may not be resolvable with an upgrade, but patching would at least keep the FTD up to date.
All management is performed via the WebGUI, changes are not related to a specific user, so I doubt creating a new user will resolve the issue. The exact error would be displayed when you push the policy.
01-05-2021 07:00 AM - edited 01-05-2021 07:07 AM
please check this attached pic as per ur request hope it can be useful
if the upgrade could not solve the issue 100% , so is there any possible way to solve issue without upgrading ?
how to upgrade and from where to download the recommended version? its paid or i have to pay for the new release? or i have to open TAC CASE asking for sending me the new patch ?
also i hope that we can solve this issue without upgrade ? shall i remove the power cable totally form ASA and back again or shall i wait like 24 hours after rebooting BECUASE OF THIS MSG APPEARS TO ME (You have logged in while system startup is in progress. Please wait, some featur e may be unavailable until startup is complete.)
? actually dont know why its happened?? we paid a lot or money to face this kind of issues ???!!! ha
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide