Set the Hostname, Domain Name, and the Enable and Telnet Passwords
To set the hostname, domain name, and the enable and Telnet passwords, perform the following steps.
Before you begin
Before you set the hostname, domain name, and the enable and Telnet passwords, check the following requirements:
-
In multiple context mode, you can configure the hostname and domain name in both the system and context execution spaces.
-
For the enable and Telnet passwords, set them in each context; they are not available in the system.
-
To change from the system to a context configuration, enter the changeto context name command.
Procedure
Step 1 |
Specify the hostname for the ASA or for a context. The default hostname is “asa.” hostname name Example:
This name can be up to 63 characters. The hostname must start and end with a letter or digit, and have only letters, digits, or a hyphen. When you set a hostname for the ASA, that name appears in the command line prompt. If you establish sessions to multiple devices, the hostname helps you keep track of where you enter commands. For multiple context mode, the hostname that you set in the system execution space appears in the command line prompt for all contexts. The hostname that you optionally set within a context does not appear in the command line, but can be used by the banner command $(hostname) token. |
Step 2 |
Specify the domain name for the ASA. The default domain name is default.domain.invalid. domain-name name Example:
The ASA appends the domain name as a suffix to unqualified names. For example, if you set the domain name to “example.com” and specify a syslog server by the unqualified name of “jupiter,” then the ASA qualifies the name to “jupiter.example.com.” |
Step 3 |
Change the enable password. By default, the enable password is blank, but you are prompted to change it the first time you enter the enable command. enable password password Example:
The enable password lets you enter privileged EXEC mode if you do not configure enable authentication. The enable password also lets you log into ASDM with a blank username if you do not configure HTTP authentication. The password argument is a case-sensitive password of 3 to 127 characters long, and can be any combination of ASCII printable characters (character codes 32-126), with the exception of spaces and the question mark. This command changes the password for the highest privilege level (15). If you configure local command authorization, you can set enable passwords for each privilege level from 0 to 15 using the following syntax: enable password password level number The encrypted keyword (for passwords 32 characters and fewer in 9.6 and earlier) or the pbkdf2 keyword (for passwords longer than 32 characters in 9.6 and later, and passwords of all lengths in 9.7 and later) indicates that the password is encrypted (using an MD5-based hash or a PBKDF2 (Password-Based Key Derivation Function 2) hash using SHA-512). Note that already existing passwords continue to use the MD5-based hash unless you enter a new password. When you define a password in the enable password command, the ASA encrypts it when it saves it to the configuration for security purposes. When you enter the show running-config command, the enable password command does not show the actual password; it shows the encrypted password followed by the encrypted or pbkdf2 keyword. For example, if you enter the password “test,” the show running-config command output would appear as something similar to the following:
The only time you would actually enter the encrypted or pbkdf2 keyword at the CLI is if you are cutting and pasting a configuration file for use in another ASA, and you are using the same password. You cannot reset the password to a blank value. |
Step 4 |
Set the login password for Telnet access. There is no default password. The login password is used for Telnet access when you do not configure Telnet authentication. passwd password [encrypted] Example:
The password is a case-sensitive password of up to 16 alphanumeric and special characters. You can use any character in the password except a question mark or a space. The password is saved in the configuration in encrypted form, so you cannot view the original password after you enter it. If for some reason you need to copy the password to another ASA but do not know the original password, you can enter the passwd command with the encrypted password and the encrypted keyword. Normally, you only see this keyword when you enter the show running-config passwd command. |