Cisco Cisco ASA 5555-X Adaptive Security Appliance 安装指南

You must configure management access to the ASA so that the APIC can manage the ASA. 

To configure management access to the ASAv, see 

. 

To configure management access to the ASA 5585-X, see the following procedure:

Remove any existing configuration:

ciscoasa(config)# clear configure all

(Optional) Set the firewall mode to transparent firewall mode:

ciscoasa(config)# firewall transparent

Configure the IP address and subnet mask on the management interface. The ASA needs to be 
on the same subnet as the APIC:

ciscoasa(config)# interface management {0/0 | 0/1}

ciscoasa(config-subif)# ip address ip_address subnet_mask

Name the interface “management:”

ciscoasa(config-subif)# nameif management

Enable the interface:

ciscoasa(config-if)# no shutdown

Enable the ASA HTTPS server:

ciscoasa(config)# http server enable

Enable an APIC to access the ASA. Repeat this step for each APIC in the APIC cluster:

ciscoasa(config)# http apic_address 255.255.255.255 management

Create the user, which the APIC uses to access the ASA:

ciscoasa(config)# username username password password privilege 15

The user is not required to be the “management-user.” Any user is acceptable.

Create an AAA authentication that allows APIC to have HTTP console access using LOCAL 
authentication:

ciscoasa(config)# aaa authentication http console LOCAL