cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2740
Views
0
Helpful
7
Replies

Cisco ASA- ACS 4.2

alkabeer80
Level 1
Level 1

Hi,

I have cisco asa 5580 software 8.2, transparent, multicontext. i am trying to add the context to ACS 4.2.

i have added the device name and ip to ACS

and use the following commands on ASA

aaa-server ACSSRV protocol tacacs+

aaa-server ACSSRV (management) host x.x.x.x

key hello

aaa authentication serial console ACSSRV LOCAL

aaa authentication enable console ACSSRV LOCAL

aaa authentication ssh console ACSSRV LOCAL

aaa authentication http console ACSSRV LOCAL

ssh to device ask for username and password which i passed normally, type enable it ask for password.

i put the same password it wont work i used local password it is not working, what should i do ????

thankssssssssssssssssss

1 Accepted Solution
7 Replies 7

alkabeer80
Level 1
Level 1

hi guys anyone can help in this ???

acs box check the fail log. If max session

Step 1 In the navigation bar, click Group Setup.

The Group Setup Select page opens.

Step 2 From the Group list, select a group, and then click Edit Settings.

The name of the group appears at the top of the Group Settings page.

Step 3 In the Max Sessions table, under Sessions available to group, select one of the following options:

•Unlimited—Allows this group an unlimited number of simultaneous sessions. (This action effectively disables Max Sessions.)

•n—Type the maximum number of simultaneous sessions to allow this group.

Step 4 In the lower portion of the Max Sessions table, under Sessions available to users of this group, select one of the following two options:

•Unlimited—Allows each individual in this group an unlimited number of simultaneous sessions. (This action effectively disables Max Sessions.)

•n—Type the maximum number of simultaneous sessions to allow each user in this group.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.0/user/guide/g.html

Sent from Cisco Technical Support iPad App

Hi nishan,

all of the config u mentioned is there, plz check below screenshot

i did debug aaa for ASA from console connection, i got "Restting 10.1.1.1 numtries" (10.1.1.1 is the IP of tacacs server)

any help ???

Under the user settings there is an option to specify against what to check the enable password

either using the same pap password defined for the user account or spearate one or another defined on external

database.

Check this link and let me know how it goes and what do you have:

http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/UsrMgt.html#wp273989

If it is still  filing what is the reason for failure in the failed attempts

thx for the reply, the URL is broken i can't access it