1-14
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Management Access
Configuring AAA for System Administrators
To allow only VPN client users access to the ASA using SSH (and deny access to all other users), enter
the following command:
hostname(config)# ssh 192.168.10.0 255.255.255.0 management_interface
Configuring a Management Interface
To configure the management interface, perform the following steps.
Detailed Steps
Configuring AAA for System Administrators
This section describes how to enable authentication and command authorization for system
administrators. Before you configure AAA for system administrators, first configure the local database
or AAA server according to procedures listed in Chapter 1, “Configuring AAA Servers and the Local
Database.”
This section includes the following topics:
• Information About AAA for System Administrators, page 1-14
• Licensing Requirements for AAA for System Administrators, page 1-18
• Prerequisites, page 1-18
• Guidelines and Limitations, page 1-19
• Default Settings, page 1-19
• Configuring Authentication for CLI and ASDM Access, page 1-20
• Configuring Authentication to Access Privileged EXEC Mode (the enable Command), page 1-20
• Limiting User CLI and ASDM Access with Management Authorization, page 1-22
• Configuring Command Authorization, page 1-24
• Configuring Management Access Accounting, page 1-30
• Viewing the Currently Logged-In User, page 1-31
• Recovering from a Lockout, page 1-32
Information About AAA for System Administrators
This section describes AAA for system administrators and includes the following topics:
• Information About Management Authentication, page 1-15
Command Purpose
management-access management_interface
Example:
hostname(config)# management-access inside
The management_interface specifies the name of the management
interface that you want to access when entering the ASA from another
interface.
To Next Page
Loading...
Need help?
General
