Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1345
Views
0
Helpful
1
Replies

ASA console access via tacacs+

aconticisco
Level 2
Level 2

‎10-28-2020 08:34 AM

Hi,

 

aaa authentication for ssh/serial/console is set to tacacs and then local

aaa authorization command set to tacacs and then local

aaa authorization exec auth-server auto-enable

aaa accounting enable/serial/ssh set to tacacs-server

 

When logging in via SSH with tacacs available it goes straight to Priv Exec Mode

However via console when I enter same tacacs user/pass it goes in User Exec Mode and then if I type enable or login I get user/pass prompt but neither same tacacs one nor local ASA user one is accepted.

 

What is the difference between SSH and console and why I do not see the same behaviour (directly logged in to Priv Exec Mode) when tacacs server is available?

 

Thanks

0 Helpful
1 Reply 1

Aref Alsouqi
VIP
VIP

‎10-28-2020 10:41 AM

I'm not a 100% sure, but I think the auto-enable command does not apply to console accesses.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card