05-07-2020 06:14 PM - edited 05-07-2020 07:08 PM
hi,
was trying to google search but can't seem to find the answer.
just wondering what's the difference between aaa authorization exec authentication-server vs aaa authorization exec authentication-server auto-enable?
i know the latter since we're using them which automatically brings you to the ASA privilege exec mode # but how about the former?
ciscoasa(config)# aaa authorization exec authentication-server ?
configure mode commands/options:
auto-enable Allow authenticated users with sufficient privileges to
automatically enter privileged EXEC mode on login
<cr>
05-07-2020 06:38 PM
05-07-2020 06:56 PM
hi,
so it's the same as not having this line configured at all?
we currently don't have this line configured and i have to type my TACACS login twice just to get to privilege mode.
05-09-2020 04:42 PM
05-09-2020 06:03 PM
hi,
if you don't have 'auto-enable', you'll need to type your TACACS login twice: first when you login/SSH to the ASA, then second when the ASA asked for enable password.
you don't type the 'local' enable PW when you're doing AAA/TACACS.
05-09-2020 06:37 PM
05-08-2020 12:23 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide