[rancid] ASA-5585 Enable mode

heasley heas at shrubbery.net
Sun Dec 31 21:19:27 UTC 2017


Thu, Dec 28, 2017 at 06:42:46PM -0800, Azher:
> Hi All,
> 
> Our current Cisco ASA devices "ASA5550" , 8.4(7)30, work fine with RANCID.
> 
> Same config does not work for ASA-5585, 9.8(1). I am not sure why it is
> sending "admin" twice and later it sends "enable" at the prompt .... Any
> suggestions ?
> 
> add user sslvpnb admin
> add password sslvpnb pass1 pass2
> add autoenable sslvpnb 0
> add method sslvpnb ssh
> 
> [rancid at rancid ~]$ more var/asa/router.db
> sslvpn1;cisco;up
> sslvpn2;cisco;up
> sslvpna;cisco;up
> sslvpnb;cisco;up
> 
> [rancid at rancid ~]$ clogin sslvpnb
> sslvpnb
> spawn ssh -c aes128-ctr,aes128-cbc,3des-cbc -x -l admin sslvpnb
> admin at sslvpnb's password:
> User admin logged in to sslvpnb
> Logins over the last 44 days: 29.  Last login: 18:09:41 PST Dec 28 2017
> from 68.181.191.19
> Failed logins since the last login: 0.  Last failed login: 06:47:32 PST Dec
> 28 2017 from 68.181.191.19

its sending admin again because it sees "login:" before a prompt.  why
is it displaying this?

> Type help or '?' for a list of available commands.
> sslvpnb> admin
>          ^
> ERROR: % Invalid input detected at '^' marker.
> 
> Error: Unrecognized command, check your enable command
> sslvpnb> admin
>          ^
> ERROR: % Invalid input detected at '^' marker.
> sslvpnb> enable
> Password:
> Invalid password
> Password:
> Invalid password
> Password:
> Invalid password
> Access denied.
> sslvpnb>
> 
> 
> Thanks
> -Azher

> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss



More information about the Rancid-discuss mailing list