06-20-2009 06:59 AM - edited 03-11-2019 08:46 AM
Hello,
I am stuck in a Production environment. I made some changes, and now I am not able to do 'config t' on the FWSM. The response is 'ERROR: Command authorization failed'.
Currently, there are a total of 3 users. One is privilege level 2 (admin) and the other two belong to privilege level 5. There is no user for privilege level 15.
I get into FWSM via ssh directly or via ssh into 6500 and then sessioning into FWSM.
How can I retain the privilege level 15 on FWSM? I am not close to the 6500 so I have not tried direct console.
I have not saved the configurations. The last change I did was 'aaa authorization command LOCAL' while 'aaa authentication enable console LOCAL' was already present. Since there was no user with privilege level 15, and the admin was on level 2, now I am restricted from everything.
The current user config, as shown by sh run, is:
username admin password xxxxx encrypted
enable password yyyyyy encrypted
Please assist.
Thanks
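The lockout described in this post can be caught before the change is applied. The following is an added example, not part of the original thread and not Cisco tooling: a pre-change check that reads the local user lines of a saved configuration and flags `aaa authorization command LOCAL` when no local user is at privilege level 15. The sample configuration, the user names `oper1` and `oper2`, and the function names are constructed, and a user line without a `privilege` keyword is assumed to be level 2, as with the admin user above.

```python
import re

DEFAULT_PRIV = 2  # assumption: level applied when "privilege" is omitted

USER_RE = re.compile(
    r"^username\s+(\S+)\s+(?:nopassword|password\s+\S+(?:\s+encrypted)?)"
    r"(?:\s+privilege\s+(\d+))?\s*$"
)
AUTHZ_RE = re.compile(r"^aaa\s+authorization\s+command\s+LOCAL\b")

# Constructed sample modelled on the configuration described in the post.
SAMPLE = """\
username admin password xxxxx encrypted
username oper1 password xxxxx encrypted privilege 5
username oper2 password xxxxx encrypted privilege 5
enable password yyyyyy encrypted
aaa authentication enable console LOCAL
"""

def parse_users(config):
    """Map each local username to its privilege level."""
    users = {}
    for line in config.splitlines():
        m = USER_RE.match(line.strip())
        if m:
            users[m.group(1)] = int(m.group(2)) if m.group(2) else DEFAULT_PRIV
    return users

def lockout_findings(config, candidate_lines=()):
    """Check the config plus the lines about to be entered; return findings."""
    merged = config + "\n" + "\n".join(candidate_lines)
    users = parse_users(merged)
    authz = any(AUTHZ_RE.match(l.strip()) for l in merged.splitlines())
    findings = []
    if authz and 15 not in users.values():
        top = max(users.values(), default=None)
        findings.append(
            "local command authorization enabled with no level-15 user "
            f"(highest local level: {top})"
        )
    return findings

if __name__ == "__main__":
    for f in lockout_findings(SAMPLE, ["aaa authorization command LOCAL"]):
        print("BLOCK CHANGE:", f)
```
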
06-20-2009 11:12 AM
Please check the following link
http://www.cisco.com/en/US/docs/security/fwsm/fwsm22/configuration/guide/monitor.html#wp1139700
06-20-2009 11:37 AM
Thanks. Is there a way to recover from a lockout situation without doing an FWSM reboot?
I would like to avoid it since it is in Production.