Scenario:
Make: Cisco
Model: ASA 5506-X, ASA 5512-X, ASA 5508-X, 5506W-X
Description: This article is to discuss the default username and password of the Cisco ASA Firepower or SFR module. This is valid for all Cisco 5500-x series firewalls i.e. ASA 5506-X, ASA 5512-X, ASA 5508-X, 5506W-X running on different versions of the software.
Introduction
If you have new Cisco ASA firewalls with FirePower and you are looking to set them up, you would need to set up the FirePower or SFR module as well. The FirePower or SFR Module can be set up locally or at a remote site. FirePower could be added to a centralized managed system of Cisco known as FMC. FMC stands for FirePower Management Center.
For the initial setup of FirePower, you would need to log in to the SFR module using the default username and password. The default username and password for Cisco FirePower varies based on the version of the SFR Module. The default username and password of Firepower of different versions of the software are mentioned below.
Confirm SFR Module Version
To check and confirm the software version of the SFR module or FirePower follow the steps below
Step1: SSH onto ASA
SSH onto the Cisco Firewall or ASA
Step2: Login
Login to the firewall using username and password.
login as: admin
WARNING!
Access to this device is restricted to authorized personel of edledge team only. If you are not an
authorized user, disconnect now. Any attempts to gain unauthorized access will be prosecuted to the
fullest extent of the law.
edledge-asa's password: edledge.com
User admin logged in to edledge-asa
Logins over the last 7 days: 353. Last login: 04:00:14 EST Jan 3 2022 from 10.0.1.2
Failed logins since the last login: 0.
Type help or '?' for a list of available commands.
edledge-asa> en
Password: ************
edledge-asa#
Step3: Version Confirmation
Execute the command shown below to confirm the SFR module version. In the below example the Cisco ASA image version is 9.13(1)10 and the SFR module version is 6.4.0-102.
edledge-asa# sh module
Mod Card Type Model Serial No.
---- -------------------------------------------- ------------------
1 ASA 5508-X with FirePOWER services, 8GE, AC, ASA5508 JAD12345678
sfr FirePOWER Services Software Module ASA5508 JAD12345678
Mod MAC Address Range Hw Version Fw Version Sw Version
---- --------------------------------- ------------ ------------ ------
1 f4db.3738.3738 to f4db.3738.3738 3.2 1.1.13 9.13(1)10
sfr f4db.3738.3738 to f4db.3738.3738 N/A N/A 6.4.0-102
Mod SSM Application Name Status SSM Application Version
---- ------------------------------ ---------------- -------------------
sfr ASA FirePOWER Up 6.4.0-102
Mod Status Data Plane Status Compatibility
---- ------------------ --------------------- -------------
1 Up Sys Not Applicable
sfr Up Up
Software Version earlier than 6.0
The default password of Cisco FirePower for the SFR module of version earlier than 6.0 is
username = admin
Password = Sourcefire
Software Version 6.0 or later
The default password of Cisco FirePower for the SFR module of version 6.0 or above is
username = admin
Password = Admin123
Software Version 7.0.1
The default password of Cisco FirePower for the SFR module of version 7.0.1 is
username = admin
password = Adm!n123
You could change the password of Cisco ASA Firepower anytime as per requirement.
Sometimes FirePower causes issues like Unsupported SFR module or Unwanted failover due to the SFR module which can be solved. Refer to the article if you are looking to activate the license of Cisco FirePower or to re-image the ASA SFR module.
Source: Cisco, Lab, Knowledge Base
EA00092