Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1209
Views
0
Helpful
2
Replies

Device admin not able to execute command a Cisco ASA CLI after TACACS authentication

Steven Chua
Level 1
Level 1

‎06-17-2012 06:40 AM - edited ‎03-10-2019 07:12 PM

Hi All,

I have setup a Cisco ASA with the device admin access to be authencticatedand authorizated with a Cisco ACS v 5.2. However, I am not able to exeute and command at the CLI even I have authenicated successfully. I have configure the Cisco ACS to permit all command and to set the shell prviliages to 15.

Please advice.

Thks and Rgds

Labels:
0 Helpful
2 Replies 2

Jatin Katyal
Cisco Employee
Cisco Employee

‎06-17-2012 12:07 PM

Looks like you are getting "command authorization failed".

Did you check this option under policy element > device administration > command set > edit >

  "Permit any command that is not in the table below"

Do we have the same/correct command set selected under the access-policies > default device admin > authorization > edit rule > check what we have in command set selected option.

If it's not visible there, then on the same page you need to click on customise tab in the right bottom corner and move the command set option on the right set.

Hope this adds some direction.

Regards,

Jatin

Do rate helpful posts-

~Jatin
0 Helpful

maldehne
Cisco Employee
Cisco Employee

‎06-18-2012 06:49 AM

What is the authorization failure reason if there is any in the logs?

0 Helpful
Customers Also Viewed These Support Documents