Allowing Telnet Access - Cisco FirePOWER ASA 5500 series Configuration Manual

Managing System Access
This chapter describes how to access the security appliance for system management through Telnet,
SSH, and HTTPS. It also describes how to authenticate and authorize users and how to create login
banners.
This chapter includes the following sections:
•
•
•
•
•
To access the security appliance interface for management access, you do not also need an access list
Note
allowing the host IP address. You only need to configure management access according to the sections
in this chapter.

Allowing Telnet Access

The security appliance allows Telnet connections to the security appliance for management purposes.
You cannot use Telnet to the lowest security interface unless you use Telnet inside an IPSec tunnel.
The security appliance allows a maximum of 5 concurrent Telnet connections per context, if available,
with a maximum of 100 connections divided between all contexts.
To configure Telnet access to the security appliance, follow these steps:
Step 1 To identify the IP addresses from which the security appliance accepts connections, enter the following
command for each address or subnet:
hostname(config)# telnet source_IP_address mask source_interface
If there is only one interface, you can configure Telnet to access that interface as long as the interface
has a security level of 100.
(Optional) To set the duration for how long a Telnet session can be idle before the security appliance
Step 2
disconnects the session, enter the following command:
hostname(config)# telnet timeout minutes
OL-10088-01
Allowing Telnet Access, page 40-1
Allowing SSH Access, page 40-2
Allowing HTTPS Access for ASDM, page 40-3
Configuring AAA for System Administrators, page 40-4
Configuring a Login Banner, page 40-16
C H A P T E R
Cisco Security Appliance Command Line Configuration Guide
40
40-1