EasyManuals Logo

Cisco ASA 5540 User Manual

Cisco ASA 5540
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1012 background imageLoading...
Page #1012 background image
1-18
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Management Access
Configuring AAA for System Administrators
Licensing Requirements for AAA for System Administrators
The following table shows the licensing requirements for this feature:
Prerequisites
Depending on the feature, you can use the following:
AAA server—See the “Configuring AAA Server Groups” section on page 1-11.
Local Database—See the Adding a User Account to the Local Database” section on page 1-22.
Prerequisites for Management Authentication
Before the ASA can authenticate a Telnet, SSH, or HTTP user, you must identify the IP addresses that
are allowed to communicate with the ASA. For the ASASM, the exception is for access to the system in
multiple context mode; a session from the switch to the ASASM is a Telnet session, but Telnet access
configuration is not required. For more information, see the “Configuring ASA Access for ASDM,
Telnet, or SSH” section on page 1-1.
Prerequisites for Local Command Authorization
Configure enable authentication. (See the “Configuring Authentication for CLI and ASDM Access”
section on page 1-20.)
enable authentication is essential for maintaining the username after the user accesses the enable
command.
Alternatively, you can use the login command (which is the same as the enable command with
authentication; for the local database only), which requires no configuration. We do not recommend
this option because it is not as secure as enable authentication.
You can also use CLI authentication, but it is not required.
See the following prerequisites for each user type:
Local database users—Configure each user in the local database at a privilege level from 0 to 15.
RADIUS users—Configure the user with Cisco VSA CVPN3000-Privilege-Level with a value
between 0 and 15.
LDAP users—Configure the user with a privilege level between 0 and 15, and then map the
LDAP attribute to Cisco VSA CVPN3000-Privilege-Level according to the “Configuring LDAP
Attribute Maps” section on page 1-20.
Prerequisites for TACACS+ Command Authorization
Configure CLI authentication (see the “Configuring Authentication for CLI and ASDM Access”
section on page 1-20).
Configure enable authentication (see the “Configuring Authentication to Access Privileged EXEC
Mode (the enable Command)” section on page 1-20).
Model License Requirement
All models Base License.

Table of Contents

Other manuals for Cisco ASA 5540

Preview: Configuration Guide
Configuration Guide1822 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5540 and is the answer not in the manual?

Cisco ASA 5540 Specifications

General IconGeneral
Firewall Throughput650 Mbps
Maximum Firewall Connections400, 000
VPN Throughput225 Mbps
Maximum VPN Peers5, 000
High AvailabilityActive/Active, Active/Standby
IPSec VPN Throughput225 Mbps
Memory1 GB
IPS Throughput225 Mbps
Security Contexts50
Flash Memory64 MB
Form Factor1U
Power SupplyDual
Interfaces4 x 10/100/1000 Ethernet

Related product manuals