Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10810
Views
32
Helpful
2
Replies

AAA to bypass the enable password on the Cisco ASA

Go to solution
west33637
Level 1
Level 1

‎02-08-2011 11:46 AM - edited ‎03-10-2019 05:48 PM

Hello all. I am having an issue where I am getting authenticated by the AAA server but after authentication I am placed in user mode. The AAA admin (I have no access to the AAA server) told me that he had all users configured with priv level 15 which takes them straight into privilege mode on the routers.

My question is how can I configure my Cisco ASA to bypass using an enable password. see my configuration below

aaa-server MYGROUP protocol tacacs+
max-failed-attempts 4
aaa-server MYGROUP (inside) host 2.2.2.2
timeout 3
key *****
aaa authentication telnet console MYGROUP LOCAL
aaa authentication enable console MYGROUP LOCAL
aaa accounting command privilege 15 MYGROUP

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee

‎02-08-2011 02:21 PM

Looks like you want to jump directly to privelege exec mode. This feature is not supported by ASA. This can only be done on IOS devices.

Rgds, Jatin

Do rate helpful issues.

~Jatin

View solution in original post

2 Replies 2

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee

‎02-08-2011 02:21 PM

Looks like you want to jump directly to privelege exec mode. This feature is not supported by ASA. This can only be done on IOS devices.

Rgds, Jatin

Do rate helpful issues.

~Jatin

Go to solution
purohit_810
Level 5
Level 5
In response to Jatin Katyal

‎01-22-2015 11:56 AM

This feature released in version 9.1.5 with command:

aaa authorization exec auth auto-enable

Customers Also Viewed These Support Documents