10-13-2008 01:27 AM - edited 03-11-2019 06:56 AM
Dears,
As we know in Routers, we create a local Username/password and configure the vty line with "privilege level 15" command and the user will go directly to priv mode.
how can we do this in ASA/FWSM??? I have done AAA and also Local U&P, the users gets authenticated and goes to user mode and again we have to type the enable mode password to proceed...
Is there any command in ASA, which does the same function as "pri lev 15" in Cisco IOS.
thanks
10-13-2008 01:59 AM
Hi
Use following commands
"username xxxxxx password yyyyyyyy privilege 15"
Default privilege level is 2
HTH...rate if helpful..
10-13-2008 07:55 AM
Dear Mr.Satish,
Thanks a lot for your reply... I tried doing this and it didnt work.. Moreover, we need to add local aaa group for the firewall to prompt username/password during telnet session... I have done those and it still goes to usermode only.
Also, if you authenticate the username/password from MS AD using ACS server, how can we give privilege 15 to that particular user.
Kindly comment..
thanx, Mr.Satish
10-13-2008 08:06 AM
Do you have this?
aaa authentication telnet console LOCAL
10-13-2008 08:16 AM
Dear Mr.Adam,
Great to see you replying my post...
Yes.. I have done this command and tried and it didnt work. then, i tried the other command too (enable console LOCAL) (Just to make sure)
aaa authentication telnet console LOCAL
aaa authentication enable console LOCAL
username test password test pri 15
Still, it stops me in Usermode.. Perhaps, should i try to remove that enable/telnet password and leaving only these commands???
Thanx, Mr.Adam
10-13-2008 08:59 AM
Hello Hameed,
It is my understanding that what you are trying to do on the ASA is not possible. Atleast, that is my experience with ASA and 7.0 code. I tried this in the lab long time ago, when ASA and 7.0 was released.
I would be interested to take a look at your configuration/setup, in case you tweak something and get this working.
Regards,
Arul
** Please rate all helpful posts **
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: