Showing results for 
Search instead for 
Did you mean: 

Accessing an ASA 8.2.1 0 -AAA

Level 1
Level 1


the only way I can access my ASA is via SSH. It asks me for username which I put "pix" and for the password, I put the enable password I created.

This however only gets me half way in because it then asks for the enable password. I type the enable password and I get in.

I created the command "aaa authentication ssh console LOCAL" and now as soon as I ssh to the ASA, it won't let me type the default username pix with the default enable password for the password... this is actually good because I am now forced to type the local credentials however when I do that, I am still not getting into privelele mode. I still have to type the enable password.

How can I configure the ASA to have user's (with level 15) type their credentials and get directly into privilege mode without the ASA asking them for the enable password???

I don't want give out the enable password to every admin that needs to access the ASA...

any help will be appreciated

5 Replies 5

Yudong Wu
Level 7
Level 7

ASA is not like IOS box. In IOS box, you can let user get into enable mode directly after login. This feature is not available on ASA as far as I know.

are you sure?

how can you have delegated accounts then on an ASA?

are you then saying that every admin will have to know the enable password?

As far as I know, it's impossible on ASA.

it's hard to beleive... so how do you properly delegate access to an ASA to few different administrators?

there has to be a way.

you can setup enable password in different levels.

user pass level <#>

When they login, they need use "enable " and related enable password to login.

Review Cisco Networking for a $25 gift card