Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
897
Views
0
Helpful
1
Replies

Issue Configuring AAA on ASA 5520

amit.rane
Level 1
Level 1

‎12-16-2012 10:31 PM - edited ‎03-10-2019 07:53 PM

Hello All,

We have an IAS (Internet Authentication Server) to authenticate all our network devices. This server is integrated with our local AD server so that we can use our domain credentials to login into the netwoerk devices. i have successfully configured all our L2 & L3 switches with IAS but facing issue with ASA 5520. Below is the config i have applied on ASA. When i am testing the authentication with IAS server, i am getting "Authentication Successful" message.

aaa-server AAA protocol radius

aaa-server AAA host 10.91.38.70

key *****

aaa authentication ssh console AAA LOCAL

..............................................................

INTMUM1FW0002# test aaa-server authentication AAA username amit.rane password ******

Server IP Address or name: 10.91.38.70

INFO: Attempting Authentication test to IP address <10.91.38.70> (timeout: 12 seconds)

INFO: Authentication Successful

INTMUM1FW0002#

INTMUM1FW0002#

..............................................................................

Also when i am trying to telnet the Firewall, i am directly getting password promt. I should first get the username promt wherein i can enter my domain username. Need help on this.

Thanks in advance.

Regards,

Amit R.

Labels:
0 Helpful
1 Reply 1

nspasov
Cisco Employee
Cisco Employee

‎12-17-2012 08:05 PM

Hello Amit-

The telnet and ssh are treated separate so you will need to configure aaa for your telnet access as well:

aaa authenticaiton telnet console AAA LOCAL

Also, what version of code are you using on your ASA? Usually you need to specify the interface where the AAA server is located at. For example:

aaa-server AAAA (management) host 192.168.1.5 key **********

Hope this helps!

Thank you for rating!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents