17-16
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 17 ASA CX Module
Configure the ASA CX Module
Step 6
Change the admin password by entering the following command:
asacx>
config passwd
Example:
asacx>
config passwd
The password must be at least 8 characters long and must contain
at least one uppercase letter (A-Z), at least one lowercase letter
(a-z) and at least one digit (0-9).
Enter password:
Farscape1
Confirm password:
Farscape1
SUCCESS: Password changed for user admin
Step 7
Enter the
exit
command to log out.
Configure the Security Policy on the ASA CX Module
You use PRSM to configure the security policy on the ASA CX module. The security policy controls the
services provided by the module. You cannot configure the policy through the ASA CX CLI, the ASA
CLI, or ASDM.
PRSM is both the name of the ASA CX configuration interface and the name of a separate product for
configuring ASA CX devices, Cisco Prime Security Manager. The method for accessing the
configuration interface, and how to use it, are the same. For details on using PRSM to configure your
ASA CX security policy, see the ASA CX/PRSM user guide or online help.
To open PRSM, use a web browser to open the following URL:
https://
management_address
Where
management_address
is the DNS name or IP address of the ASA CX management interface or
the PRSM server. For example, https://asacx.example.com.
Configure the Authentication Proxy Port
If you use active authentication in ASA CX policies, the ASA uses port 885 as the authentication proxy
port. You can configure a different port if 885 is not acceptable, but a non-default port must be higher
than 1024. For more information about the authentication proxy, see
Authentication Proxy for Active
.
In multiple context mode, change the port within each security context.
To change the authentication proxy port, enter the following command:
cxsc auth-proxy port
port
For example,
cxsc auth-proxy port 5000
.
Redirect Traffic to the ASA CX Module
You can redirect traffic to the ASA CX module by creating a service policy that identifies specific traffic.
For demonstration purposes only, you can also enable monitor-only mode for the service policy, which
forwards a copy of traffic to the ASA CX module, while the original traffic remains unaffected.
Summary of Contents for ASA 5512-X
Page 5: ...P A R T 1 Service Policies and Access Control ...
Page 6: ......
Page 51: ...P A R T 2 Network Address Translation ...
Page 52: ......
Page 127: ...P A R T 3 Application Inspection ...
Page 128: ......
Page 255: ...P A R T 4 Connection Settings and Quality of Service ...
Page 256: ......
Page 303: ...P A R T 5 Advanced Network Protection ...
Page 304: ......
Page 339: ...P A R T 6 ASA Modules ...
Page 340: ......