Filter
Top Products
4-16
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 4 Setting Up the Sensor
Configuring Authentication and User Parameters
Note If you change the port or enable TLS settings, you must reset the sensor to make the web server use the
new settings.
For More Information
• For the procedure for resetting the appliance, see Resetting the Appliance, page 17-47.
• For the procedure for resetting the ASA 5500 AIP SSM, see Reloading, Shutting Down, Resetting,
and Recovering the ASA 5500 AIP SSM, page 18-15.
• For the procedure for resetting the ASA 5500-X IPS SSP, see Reloading, Shutting Down, Resetting,
and Recovering the ASA 5500-X IPS SSP, page 19-12.
• For the procedure for resetting the ASA 5585-X IPS SSP, see Reloading, Shutting Down, Resetting,
and Recovering the ASA 5585-X IPS SSP, page 20-12.
Configuring Authentication and User Parameters
The following section explains how to create users, configure RADIUS authentication, create the service
account, configure passwords, specify privilege level, view a list of users, configure password policy,
and lock and unlock user accounts. It contains the following topics:
• Adding and Removing Users, page 4-16
• Configuring Authentication, page 4-18
• Configuring Packet Command Restriction, page 4-24
• Creating the Service Account, page 4-26
• The Service Account and RADIUS Authentication, page 4-27
• RADIUS Authentication Functionality and Limitations, page 4-28
• Configuring Passwords, page 4-28
• Changing User Privilege Levels, page 4-29
• Showing User Status, page 4-30
• Configuring the Password Policy, page 4-30
• Locking User Accounts, page 4-32
• Unlocking User Accounts, page 4-33
Adding and Removing Users
Use the username command to create users on the local system. You can add a new user, set the privilege
level—administrator, operator, viewer—and set the password for the new user. Use the no form of this
command to remove a user from the system. This removes the user from CLI and web access.