wr mem - privilege Level issue - Pix Firewall

sgalloway · ‎11-21-2007

Hi,

I have setup specific user level privileges for our Juniors to add and modify acl lists. I would like them also to issue the wr mem command from there level of access. But when l test this command under there level l get the following error :

acmi# wr mem

Building configuration...

Error executing command

[FAILED]

It maybe due to the fact that this level of access is denying them access to the flash or something to do with the cryptochecksum.

Here below are the current privilege levels l have setup.

privilege cmd level 2 mode exec command configure

privilege cmd level 2 mode exec command disable

privilege cmd level 2 mode exec command write

privilege show level 2 mode exec command access-list

privilege cmd level 2 mode configure command name

privilege cmd level 2 mode configure command access-list

It is a Pix 525UR with Version 7.2(2)

Thanks Simon Galloway

htarra · ‎11-27-2007

Privilege-level command tracing is provided through the PIX Firewall syslog, and privilege configuration updates are displayed in the show version command output. User authentication may occur either locally or through a TACACS+ server. This error is occurning because cryptochecksum is mismatching.

sgalloway · ‎11-27-2007

Thanks for your reply. So going by the privilege commands l have currently setup what additional priv command do l need to add to allow this user and level 2 to be able to do :

wr mem

without the cryptochecksum issue occuring.