Cisco ASA 5506-X Configuration Manual page 386
Cli
Hide thumbs
Also See for ASA 5506-X:
- Installation manual (46 pages) ,
- Hardware installation manual (26 pages) ,
- Quick start manual (14 pages)
Advertisement
Configure the ASA CX Module
Change the admin password by entering the following command:
Step 6
asacx> config passwd
Example:
asacx> config passwd
The password must be at least 8 characters long and must contain
at least one uppercase letter (A-Z), at least one lowercase letter
(a-z) and at least one digit (0-9).
Enter password: Farscape1
Confirm password: Farscape1
SUCCESS: Password changed for user admin
Step 7
Enter the exit command to log out.
Configure the Security Policy on the ASA CX Module
You use PRSM to configure the security policy on the ASA CX module. The security policy controls the
services provided by the module. You cannot configure the policy through the ASA CX CLI, the ASA
CLI, or ASDM.
PRSM is both the name of the ASA CX configuration interface and the name of a separate product for
configuring ASA CX devices, Cisco Prime Security Manager. The method for accessing the
configuration interface, and how to use it, are the same. For details on using PRSM to configure your
ASA CX security policy, see the ASA CX/PRSM user guide or online help.
To open PRSM, use a web browser to open the following URL:
https://management_address
Where management_address is the DNS name or IP address of the ASA CX management interface or
the PRSM server. For example, https://asacx.example.com.
Configure the Authentication Proxy Port
If you use active authentication in ASA CX policies, the ASA uses port 885 as the authentication proxy
port. You can configure a different port if 885 is not acceptable, but a non-default port must be higher
than 1024. For more information about the authentication proxy, see
Authentication, page
In multiple context mode, change the port within each security context.
To change the authentication proxy port, enter the following command:
cxsc auth-proxy port port
For example, cxsc auth-proxy port 5000.
Redirect Traffic to the ASA CX Module
You can redirect traffic to the ASA CX module by creating a service policy that identifies specific traffic.
For demonstration purposes only, you can also enable monitor-only mode for the service policy, which
forwards a copy of traffic to the ASA CX module, while the original traffic remains unaffected.
Cisco ASA Series Firewall CLI Configuration Guide
17-16
17-5.
Chapter 17
ASA CX Module
Authentication Proxy for Active
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
