Hi,
I am working on AAA for ASA . In IOS we can create AAA commands using specific group names and then apply it to aux , con , vty ( 0 - 15 ) but here in ASA I dont see putting con , ssh etc with AAA and it looks like it is applied globally simillar to the default keyword used in IOS .
EXAMPLE
Router :
aaa authorization commands 0 AAA group tacacs+ local
aaa authorization commands 15 AAA group tacacs+ local
aaa authorization exec AAA group tacacs+ local
line vty 0 4
exec-timeout 5 0
authorization commands 15 AAA
authorization exec AAA
ASA :
aaa authorization command acs LOCAL
The difference here is that in ASA it gets applied globally while my aim is not to apply this on Console and only to apply this with SSH sessions . Is there a way we can do it on per session basis on ASA ( ssh , console , telnet etc ) .