A very simple tasks: How do I change password for the admin user and enable password on Cisco ASA 5510, this shows it should be straightforward by using passwd and enable passwd but it simply does not work. What I do:
Login as admin over ssh with old password
enable with old password
enable passwd new_pass
when I reconnect I have to use old password.
sh run aaa
aaa authentication enable console LOCAL
aaa authentication http console LOCAL
aaa authentication serial console LOCAL
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
Cisco Adaptive Security Appliance Software Version 8.2(5)59
Device Manager Version 7.1(6)
So, how to change the password on ASA 5510 for user admin, for enable and for any logged in user?
... View more
I have 2 outside connections one of which works as a backup connection. I am trying to setup SLA monitor so that when primary fails, the secondary connection takes over. However I never get connected to the primary connection after reboot, the backup connection is active after reboot. I configure: sla monitor 1 type echo protocol ipIcmpEcho x.x.x.x interface INET num-packets 3 timeout 1000 frequency 20 sla monitor schedule 1 life forever start-time now track 1 rtr 1 reachability route INET 0.0.0.0 0.0.0.0 89.x.x.73 1 track 1 at this moment two route config exist: route INET 0.0.0.0 0.0.0.0 89.x.x.73 1 track 1 route INET 0.0.0.0 0.0.0.0 89.x.x.73 I delete the: no route INET 0.0.0.0 0.0.0.0 89.x.x.73 Now this works as it should. However, once I reload (after write), the backup connection is active. The only way it works even after reload is when in sla monitor 1: type echo protocol ipIcmpEcho 89.x.x.73 interface INET ie. If I am trying to ping the gateway. Also I have noticed if one connection is active eg INET: ping INETSDSL 220.127.116.11 makes no response however ping INET 18.104.22.168 works fine. And if backup connection is active, ping INET 22.214.171.124 gives no result but ping INETSDSL 126.96.36.199 works fine. Some config details: route INET 0.0.0.0 0.0.0.0 89.x.x.73 1 track 1 route INETSDSL 0.0.0.0 0.0.0.0 10.x.x.x 254 sla monitor 1 type echo protocol ipIcmpEcho x.x.x.x interface INET num-packets 3 timeout 1000 frequency 20 sla monitor schedule 1 life forever start-time now track 1 rtr 1 reachability sh ver: Cisco Adaptive Security Appliance Software Version 8.2(1)11 Device Manager Version 6.2(5) Any ideas how to make it work?
... View more
Thank you for the reply. This is what I actually tried, show run gives for that user: username cisco password abcabcabc encrypted username cisco attributes service-type remote-access Despite that the user can log to the cli of ASA and execute enable and e.g. show run which is very unwanted. Any more ideas?
... View more