Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
316
Views
0
Helpful
1
Replies

Cisco ACS 5.5 - ASA firewall ready only access

Mohd Imtiaz Hussain
Level 1
Level 1

‎08-21-2015 05:48 AM - edited ‎03-10-2019 10:59 PM

Hi,

I want restrict ready only access for few user's to ASA firewall through ACS 5.5. I have applied the rule but its not working.

Same readyonly access rule is working for switches. Please share the solution.

Labels:
0 Helpful
1 Reply 1

Ivan Gonzalez
Cisco Employee
Cisco Employee

‎08-28-2015 02:32 PM

Hi,

 

Can you please share AAA and tacacs configuration of your ASA?

 

Additional to this, when you check the ACS reports under "Monitoring and reports" section, is it showing you are hitting the exact same rule than switches?

Now, the read only access would be determined based on the commands you authorize on the ACS "Command Sets", so if you do not have command authorization enabled on the ASA, even if you hit the exact same rule, it will never perform command authorization against the ACS and there will be no deny for the non read-only commands.

 

 

0 Helpful
Customers Also Viewed These Support Documents