Licensing requirements for cli parameters, Guidelines and limitations, Configuring a login banner – Cisco ASA 5505 User Manual

37-7

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 37 Configuring Management Access

Configuring CLI Parameters

Licensing Requirements for CLI Parameters

The following table shows the licensing requirements for this feature:

Guidelines and Limitations

This section includes the guidelines and limitations for this feature.

Context Mode Guidelines

Supported in single and multiple context mode.

Firewall Mode Guidelines

Supported in routed and transparent firewall mode.

Configuring a Login Banner

You can configure a message to display when a user connects to the ASA, before a user logs in, or before
a user enters privileged EXEC mode.

Restrictions

After a banner is added, Telnet or SSH sessions to ASA may close if:

•

There is not enough system memory available to process the banner message(s).

•

A TCP write error occurs when trying to display banner message(s).

Guidelines

•

From a security perspective, it is important that your banner discourage unauthorized access. Do not
use the words “welcome” or “please,” as they appear to invite intruders in. The following banner
sets the correct tone for unauthorized access:

You have logged in to a secure device. If you are not authorized to access this

device, log out immediately or risk possible criminal consequences.

•

See RFC 2196 for guidelines about banner messages.

Model

License Requirement

All models

Base License.