cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10812
Views
32
Helpful
2
Replies

AAA to bypass the enable password on the Cisco ASA

west33637
Level 1
Level 1

Hello all. I am having an issue where I am getting authenticated by the AAA server but after authentication I am placed in user mode. The AAA admin (I have no access to the AAA server) told me that he had all users configured with priv level 15 which takes them straight into privilege mode on the routers.

My question is how can I configure my Cisco ASA to bypass using an enable password. see my configuration below

aaa-server MYGROUP protocol tacacs+
max-failed-attempts 4
aaa-server MYGROUP (inside) host 2.2.2.2
timeout 3
key *****
aaa authentication telnet console MYGROUP LOCAL
aaa authentication enable console MYGROUP LOCAL
aaa accounting command privilege 15 MYGROUP

1 Accepted Solution

Accepted Solutions

Jatin Katyal
Cisco Employee
Cisco Employee

Looks like you want to jump directly to privelege exec mode. This feature is not supported by ASA. This can only be done on IOS devices.

Rgds, Jatin

Do rate helpful issues.

~Jatin

View solution in original post

2 Replies 2

Jatin Katyal
Cisco Employee
Cisco Employee

Looks like you want to jump directly to privelege exec mode. This feature is not supported by ASA. This can only be done on IOS devices.

Rgds, Jatin

Do rate helpful issues.

~Jatin

This feature released in version 9.1.5 with command:

aaa authorization exec auth auto-enable