For access to the ASA using the command line, this is fairly easy and is quite similar to the way you would do it with other Cisco routers or switches. When you log in you are at the user mode, which supplies read-only access, and you use the enable command to get to privilege mode. ACS can be configured to differentiate users who should get level 15 access from those who should not get level 15 access.
But accessing the ASA using the ASDM is quite different. ASDM defaults to giving a user the capability to use commands at advanced privilege mode. I worked on this issue for a customer and found a solution. We created authorization sets, and one authorization command set contained show commands and a few other things that we wanted restricted users to be able to do. And we configured ACS to assign this authorization command set to those users who should be read-only. (And we had an authorization command set which contained access to all commands, to be used for users who should have full access.) We did this using the 4.2 version of ACS, so the mechanics of what we did would be quite different from what you would need to do with 5.2. But I hope it gives you some insight into how to approach this.
I want to know how to give read-only access to Cisco ASA firewall using TACACS+ through the Cisco Secure ACS server 5.8 (the TACACS+ server).
I have a router, switch and ASA firewall in a group and I am able to fully access all devices using TACACS+, but I want to create a separate firewall group and user to provide only read access to the firewall device only.
I want to assign read-only access to the Cisco ASA Firewall using TACACS+ through Cisco ACS server. I'm new to this so a complete breakdown would be much appreciated.