Step 1 Choose
Configuration > Device Management > Management Access > ASDM/HTTPS/Telnet/SSH
, and click
The Add Device Access Configuration dialog box appears.
Step 2 Choose the type of session from the three options listed:
Step 3 From the Interface Name drop-down list, choose the Ethernet interface to use for administrative access.
Step 4 In the IP Address field, enter the IP address of the network or host that is allowed access.
Step 5 From the Mask drop-down list, choose the mask associated with the network or host that is allowed access.
Step 6 Click
Step 7 Configure HTTP Settings.
a. Enable HTTP Server—Enable the HTTP server for ASDM access. This is enabled by default.
b. (Optional) Port Number—The default port is 443.
c. (Optional) Idle Timeout—The default idle timeout is 20 minutes.
d. (Optional) Session Timeout—By default, the session timeout is disabled. ASDM connections have no session time limit.
Step 8 (Optional) Configure Telnet Settings.
a. Telnet Timeout—The default timeout value is 5 minutes.
Step 9 (Optional) Configure SSH Settings.
a. Allowed SSH Version(s)—The default value is 1 & 2.
b. SSH Timeout—The default timeout value is 5 minutes.
c. Diffie-Hellman—The default is Diffie-Hellman Key Exchange Group 1. The Diffie-Hellman Key Exchange Group 14 is also supported.
Step 10 Click
The changes are saved to the running configuration.
Step 11 (Required for SSH) You must also configure SSH authentication.
Configuration > Device Management > Users/AAA > AAA Access > Authentication
b. Check the
c. From the Server Group drop-down list, choose an already configured AAA server group name or the
database. To add AAA server groups, see the “Configuring AAA Server Groups” section.
d. (Optional) If you chose a AAA server group, you can configure the ASA 1000V to use the local database as a fallback method if the AAA server is unavailable. Check the
Use LOCAL when server group fails
check box. We recommend that you use the same username and password in the local database as the AAA server because the ASA 1000V prompt does not give any indication of which method is being used.
f. If you chose the LOCAL database, add a local user. Choose
Configuration > Device Management > Users/AAA > User Accounts
, and then click
The Add User Account-Identity dialog box appears.
g. In the Username field, enter a username from 4 to 64 characters long.
h. In the Password field, enter a password between 3 and 32 characters. Passwords are case-sensitive.
i. In the Confirm Password field, reenter the password.
For information about other fields, see the “Adding a User Account to the Local Database” section.