I have a ASA 5550 running multiple contexts, but having the AAA authentication serial console (TACACS Server Name) LOCAL allows a tacacs challenge on connecting to the console but I am then unable to issue any commands i.e. enable or Show Run - message command autherixation failed
Has anyone setup console (serial) TACACS and got it working?
The below are the commands which requires with respect to the console access.
aaa-server TACACS+ protocol tacacs+
aaa authentication serial console TACACS+ LOCAL
aaa authentication telnet console TACACS+ LOCAL
aaa authentication enable console TACACS+ LOCAL
aaa authentication ssh console TACACS+ LOCAL
aaa authentication http console TACACS+ LOCAL
So you should have both serial console and enable console for you settings. If you have these settings in your firewall. Also please check in the tacacs server end if privelage level is set properly for the same.
Please do rate if the given information helps.
I have those setting applied with also :-
aaa authorization command TACACS_Server LOCAL
aaa authorization exec authentication-server
My TACACS account is OK not locked.
On SSH connections it works perfect, but on console (serial) login it does not, TACACS login OK then you need to use the Local enable password (my tacacs password fails), this leaves you in the system area on mulitiple context ASA, you can switch to admin, context1 etc but then any commands fail.
all AAA commands are entered on the admin context