请选择 进入手机版 | 继续访问电脑版

设为首页 收藏本站
思科社区 关注
思科社区

搜索
热搜: 邮件服务器
查看: 232|回复: 1

思科防火墙asa5520怎么设置登陆错误锁定?

[复制链接]
发表于 2021-3-17 14:34:38 | 显示全部楼层 |阅读模式
10可用金钱
思科防火墙asa5520,能不能设置管理员用户密码的复杂度,多种字符最小位数,以及用户登录错误几次锁定账户一定时间等等,设备本身有命令支持这些功能吗?

  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
发表于 2021-3-17 17:41:58 | 显示全部楼层
本帖最后由 1540488497lcj 于 2021-3-17 17:43 编辑

请参考Cisco官方文档:https://www.cisco.com/c/en/us/td ... .html#pgfId-1711061


Configuring the Password Policy
[size=1.4]After you configure the password policy, when you change a password (either your own or another user’s), the password policy applies to the new password. Any existing passwords are grandfathered in. The new policy applies to changing the password with the username command as well as the change-password command.
PrerequisitesDetailed Steps
[size=1.4]

CommandPurpose
[size=1.4]Step 1
password-policy lifetime days
[size=1.6]ciscoasa(config)# password-policy lifetime 180
[size=1.4](Optional) Sets the interval in days after which passwords expire for remote users (SSH, Telnet, HTTP); users at the console port are never locked out due to password expiration. Valid values are between 0 and 65536 days. The default value is 0 days, a value indicating that passwords will never expire.
[size=1.4]7 days before the password expires, a warning message appears. After the password expires, system access is denied to remote users. To gain access after expiration, do one of the following:
  • Have another administrator change your password with the username command.
  • Log in to the physical console port to change your password.

[size=1.4]Step 2
password-policy minimum-changes value
[size=1.6]ciscoasa(config)# password-policy minimum-changes 2
[size=1.4](Optional) Sets the minimum number of characters that you must change between new and old passwords. Valid values are between 0 and 64 characters. The default value is 0.
[size=1.4]Character matching is position independent, meaning that new password characters are considered changed only if they do not appear anywhere in the current password.
[size=1.4]Step 3
password-policy minimum-length value
[size=1.6]ciscoasa(config)# password-policy minimum-length 8
[size=1.4](Optional) Sets the minimum length of passwords. Valid values are between 3 and 64 characters. We recommend a minimum password length of 8 characters.
[size=1.4]Step 4
password-policy minimum-uppercase value
[size=1.6]ciscoasa(config)# password-policy minimum-uppercase 3
[size=1.4](Optional) Sets the minimum number of upper case characters that passwords must have. Valid values are between 0 and 64 characters. The default value is 0, which means there is no minimum.
[size=1.4]Step 5
password-policy minimum-lowercase value
[size=1.6]ciscoasa(config)# password-policy minimum-lowercase 6
[size=1.4](Optional) Sets the minimum number of lower case characters that passwords must have. Valid values are between 0 and 64 characters. The default value is 0, which means there is no minimum.
[size=1.4]Step 6
password-policy minimum-numeric value ciscoasa(config)# password-policy minimum-numeric 1
[size=1.4](Optional) Sets the minimum number of numeric characters that passwords must have. Valid values are between 0 and 64 characters. The default value is 0, which means there is no minimum.
[size=1.4]Step 7
password-policy minimum-special value ciscoasa(config)# password-policy minimum-special 2
[size=1.4](Optional) Sets the minimum number of special characters that passwords must have. Valid values are between 0 and 64 characters. Special characters include the following: !, @, #, $, %, ^, &, *, '(‘ and ‘)’. The default value is 0, which means there is no minimum.
[size=1.4]Step 8
password-policy authenticate enable ciscoasa(config)# password-policy authenticate enable
[size=1.4](Optional) Sets whether users must change their password using the change-password command, instead of letting users change their password with the username command. The default setting is disabled: a user can use either method to change their password.
[size=1.4]If you enable this feature, if you try to change your password with the username command, the following error message appears:
ERROR: Changing your own password is prohibited
[size=1.4]You also cannot delete your own account with the clear configure username command. If you try, the following error message appears:
ERROR: You cannot delete all usernames because you are not allowed to delete yourself


  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
您需要登录后才可以回帖 思科 CCO 登录 | 思科 CCO 注册   

本版积分规则

Archiver | 思科社区  

GMT+8, 2021-4-13 16:38 , Processed in 0.075686 second(s), 31 queries .

京ICP备11014401号-17

© 2020 思科系统.版权所有 重要声明 | 保密声明 | 隐私权政策 | 商标 |

快速回复 返回顶部 返回列表