Here is a short how-to I wrote some (well ,long) time ago for the newcomers to our department. It was written for the PIX , but applies to ASA as well in most cases,see for ASA notes for differences. Usually it starts with client complaining about slow internet, or users …

Cisco starting IOS 12.3 introduced a simple but powerful feature to guard against brute force password guessing attack on remote access. The usual template followed when configuring VTY access is: Configure ACL containing management IPs to be allowed to access the router through VTY (Optional) Restrict VTY access protocol …