We can configure either inside or management interface.
1.
Configure inside interface:
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
|
2.
Generate self-certificate:
crypto key generate rsa
general-keys modulus 2048
|
3.
Set account:
username cisco password cisco
privilege 15
|
4.
Enable HTTPs and set access:
http server enable
http 192.168.1.0
255.255.255.0 inside
|
5. Set SSH access:
ssh 192.168.1.0 255.255.255.0
inside
|
6. Set ASDM image:
asdm image
disk0:/asdm-714.bin
|
If no ASDM file is found download the file
from cisco.com and copy it to disk0 using TFTP/FTP.
7. Configure AAA services:
8.
Login into the ASA using a
web browser to URL: https://<ASA_IP_ADDRESS>/admin
7. Configure AAA services:
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL aaa authentication enable console LOCAL aaa authentication http console LOCAL |
If you are getting a web page with the following error:
(Error code: ssl_error_no_cypher_overlap) follow the instructions in How to
obtain Cisco ASA 3DES license section.
How to
obtain Cisco ASA 3DES license
Click on Get New->IPS, Crypto, Other licenses:
Click Cisco ASA 3DES/AES License:
Enter the serial number of the ASA (can be taken from the
CLI using the command show version) and click next:
Enter the relevant information and click Get License:
The license will be send to the e-mail you have entered.
Now login into the ASA using console and enter the following
command with the license you have received:
ciscoasa#
configure terminal
ciscoasa(config)#
activation-key xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx
|
Then reload the appliance for changes to take effect.
No comments:
Post a Comment