Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
366
Views
0
Helpful
0
Replies

SCP and ACS configuration Issue

csn000004
Level 1
Level 1

‎11-30-2015 09:52 PM - edited ‎03-10-2019 11:16 PM

Dear All,

I have configured the SCP on Cisco routers and switches, enable the below command for SCP as per below article.

aaa authorization exec default group tacacs+

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_ssh/configuration/xe-3s/asr1000/sec-usr-ssh-xe-3s-asr1000-book/sec-usr-ssh-sec-copy.html

Issue is if this is enabled on devices, all ACS users directly authenticated and land in enable mode on devices and have read/write access.

Is there any way we can restrict users and the same time SCP can work for admin users? Please help.

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents