Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
493
Views
0
Helpful
3
Replies

help with AAA config- stuck and need assistance

mjsully
Level 1
Level 1

‎09-23-2008 09:41 AM - edited ‎03-10-2019 04:06 PM

I have an ASA firewall in which I need these requirements.

There will be three local accounts defined on the ASA. I need one of these accounts to have to enter an enable password when accessing privileged enable mode. The other two accounts I want to take directly to privileged mode after authenticating with their local username and password. All connections to the ASA will be via SSH, if that matters. How do I set this up?

Labels:
0 Helpful
3 Replies 3

Jagdeep Gambhir
Level 10
Level 10

‎09-24-2008 05:01 AM

In ASA user cannot fall directly to enable mode since exec authorization is not supported.

Please see this link,

http://www.ciscotaccc.com/security/showcase?case=K25224726

Regards,

~JG

Do rate helpful posts

0 Helpful

mjsully
Level 1
Level 1
In response to Jagdeep Gambhir

‎09-24-2008 06:35 AM

but doesn't this pertain to TACACS+ and RADIUS authentication? All my accounts are locally defined on the ASA itself, nothing goes to an external authentication server.

0 Helpful

Jagdeep Gambhir
Level 10
Level 10
In response to mjsully

‎09-24-2008 07:44 AM

It also applicable for local authentication. ASA does not perform exec authorization, no matter what db or protocol we use.

Regards,

~JG

Do rate helpful posts

0 Helpful
Customers Also Viewed These Support Documents