The configuration below allows RiskAnalytics servers to access your firewall in order to add and remove shuns and to pull shun statistics. Please do not use the supplied passwords. The autoshun username is fine but may be changed if you wish. RiskAnalytics will need the configured username and passwords plus the external IP address of the firewall. If you have your firewalls in active/standby failover, we will also need the standby external IP.
Note: These commands have been tested and should have no unexpected effects on your firewall. Your current firewall configuration might affect how they behave, and we cannot be responsible for any changes. Please review the commands along with your current configuration before implementing.
============= Cisco ASA Commands ===================================================
! SSH access to the firewall must be enabled. Please see http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118075-configure-asa-00.html#anc9 for more information on this.
! Allow authorization at local level
aaa authorization command LOCAL
! Create user at level 3
username autoshun password Th1sisy0urpa5sword privilege 3
enable password f0r@utoshun1eve13 level 3
! Set allowed commands for level 3
privilege cmd level 3 mode exec command shun
! show running-config below is optional. It can make troubleshooting easier.
privilege show level 3 mode exec command running-config
privilege show level 3 mode exec command version
privilege show level 3 mode exec command shun
privilege clear level 3 mode exec command shun
! allow our servers to ssh in.
ssh 139.146.167.0 255.255.255.224 outside
ssh 139.146.167.128 255.255.255.224 outside
ssh 208.89.117.128 255.255.255.224 outside
! And last but not least.... save it
wr me
================= End of commands ======================
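One way to review an edited copy of the commands before pasting them, as an added example that is not RiskAnalytics or Cisco code: it flags the sample passwords, any level 3 command beyond those listed above, and any SSH source on the outside interface other than the three listed networks. The function name `lint` and the `CONSTRUCTED` input are hypothetical; the passwords, commands and networks are taken from the block above.

```python
import ipaddress

# Values below are copied from the command block on this page.
SAMPLE_PASSWORDS = {"Th1sisy0urpa5sword", "f0r@utoshun1eve13"}
EXPECTED_PRIVS = {("cmd", "shun"), ("show", "running-config"),
                  ("show", "version"), ("show", "shun"), ("clear", "shun")}
EXPECTED_SSH = {ipaddress.ip_network(n) for n in
                ("139.146.167.0/27", "139.146.167.128/27", "208.89.117.128/27")}

def lint(config_text, level=3):
    """Return findings for an ASA command block (hypothetical helper)."""
    findings = []
    for raw in config_text.splitlines():
        tok = raw.split()
        if not tok or tok[0].startswith("!"):
            continue
        # Placeholder passwords from the page must be replaced before use.
        if tok[0] in ("username", "enable") and SAMPLE_PASSWORDS & set(tok):
            findings.append(f"sample password in '{tok[0]}' line")
        # privilege <cmd|show|clear> level N mode <mode> command <name>
        elif (tok[0] == "privilege" and "command" in tok
              and tok[2:4] == ["level", str(level)]):
            name = " ".join(tok[tok.index("command") + 1:])
            if (tok[1], name) not in EXPECTED_PRIVS:
                findings.append(f"unexpected level-{level} command: {tok[1]} {name}")
        # ssh <network> <netmask> <interface>; other ssh lines fail to parse
        elif tok[0] == "ssh" and len(tok) == 4:
            try:
                net = ipaddress.ip_network(f"{tok[1]}/{tok[2]}", strict=False)
            except ValueError:
                continue
            # Only the outside interface is covered by this page.
            if tok[3] == "outside" and net not in EXPECTED_SSH:
                findings.append(f"unexpected SSH source: {net} on {tok[3]}")
    return findings

# Constructed input: lines from the page plus two deliberate deviations.
CONSTRUCTED = """\
username autoshun password Th1sisy0urpa5sword privilege 3
privilege cmd level 3 mode exec command shun
privilege cmd level 3 mode exec command configure
ssh 139.146.167.0 255.255.255.224 outside
ssh 0.0.0.0 0.0.0.0 outside
"""

if __name__ == "__main__":
    for finding in lint(CONSTRUCTED):
        print(finding)
```

The check matches networks exactly, so a wider mask on one of the listed addresses is reported as unexpected.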