Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
479
Views
0
Helpful
0
Replies

FWSM: AAA authentication using TACACS and local authorization

loveleen.kathuria
Level 1
Level 1

‎04-03-2013 08:10 AM - edited ‎03-10-2019 08:16 PM

Hi All,

In our setup, we are are having FWSMs running version 3.2.22 and users are authenticating using TACACS (running cisco ACS). We would like to give restricted access ( some show commands ) to couple of users to all devices. We do not want to use TACACS for command authorization.

We have created users on TACACS and  not allowed "enable" access to them. I have also given those show commands locally on the firewall with privilege level 1. and enabled aaa authorization LOCAL

Now , those users can successfully login to devices and execute those show commands from priv level 1 except "sh access-list".  I have specifically mentioned this

"privilege show level 1 mode exec command access-list"  in the config.

Is there anything i am missing or is there any other way of doing it?

Thanks.

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents