08-02-2011 02:50 AM - edited 03-10-2019 06:16 PM
Hello,
We would like to backup our configuration of cisco ASA 5550.
We would like to know the attribut to give privilege 15 for the shell command in Radius.
We tried
- cisco-avpair : shell:priv-lvl=15
- cisco-avpair : shell:Admin*Admin
in the radius configuration but it doesn't work.
The connection is ok but we haven't the privilege 15.
Can you give us the good attribut to connect user in the enable shell in the cisco asa?
We thank you in advance.
LIEGEOIS Cédric
IT Security
08-04-2011 01:51 PM
Hi Cedric,
did you configure the ASA for command authrization?
aaa authorization command
aaa authorization exec authentication-server
08-04-2011 01:52 PM
You might need also this command.
aaa authentication enable console
08-05-2011 01:02 AM
Alex,
Thanks for your reponses.
This is my configuration for the aaa configuration:
and for the aaa-server:
The user can connect but it is in the normal mode. I try to connect my user directly in the exec mode.
The server is a radius server.
Thank you in advance.
LIEGEOIS Cédric
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide