Cisco Cisco ASA 5525-X Adaptive Security Appliance - No Payload Encryption 설치 가이드
5
3
Configure Management Access to the ASA
You must configure management access to the ASA so that the APIC can manage the ASA.
To configure management access to the ASAv, see
.
To configure management access to the ASA 5585-X, see the following procedure:
Step 1
Remove any existing configuration:
ciscoasa(config)# clear configure all
Step 2
(Optional) Set the firewall mode to transparent firewall mode:
ciscoasa(config)# firewall transparent
Step 3
Configure the IP address and subnet mask on the management interface. The ASA needs to be
on the same subnet as the APIC:
on the same subnet as the APIC:
ciscoasa(config)# interface management {0/0 | 0/1}
ciscoasa(config-subif)# ip address ip_address subnet_mask
Step 4
Name the interface “management:”
ciscoasa(config-subif)# nameif management
Step 5
Enable the interface:
ciscoasa(config-if)# no shutdown
Step 6
Enable the ASA HTTPS server:
ciscoasa(config)# http server enable
Step 7
Enable an APIC to access the ASA. Repeat this step for each APIC in the APIC cluster:
ciscoasa(config)# http apic_address 255.255.255.255 management
Step 8
Create the user, which the APIC uses to access the ASA:
ciscoasa(config)# username username password password privilege 15
Note
The user is not required to be the “management-user.” Any user is acceptable.
Step 9
Create an AAA authentication that allows APIC to have HTTP console access using LOCAL
authentication:
authentication:
ciscoasa(config)# aaa authentication http console LOCAL