06-07-2013 08:29 AM - edited 03-11-2019 06:54 PM
I have several users in a local aaa setup. Logging in works, but i have to enter ENABLE to get into enable mode, and then just reenter my login password.
Using the local database is there a way to log right into Enable mode from the command line?
Solved! Go to Solution.
06-09-2013 11:57 AM
Unfortunately, this can not be done even with local database, this is by design.
This may provide you more info:
https://supportforums.cisco.com/thread/2201512#3888667
Jatin Katyal
- Do rate helpful posts -
06-07-2013 09:49 AM
Hello,
For this you will need to use exec authorization and make sure the user has an Execution privilege and enable privilege of 15 so the ASA sees the user as a Super User and access to enable mode (Priv 15) will be granted,
Julio Carvajal
Hey remember to rate all of the helpful posts, as important as a thanks (keep us motivated)
06-07-2013 10:30 AM
FW# sh run aaa
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
aaa local authentication attempts max-fail 5
aaa authorization exec authentication-server
FW# sh run username
username wstoffel password W4Ii8sjkdRzfAci encrypted privilege 15
username wstoffel attributes
service-type admin
Which part am i missing then? Service type admin isn't even really needed as it's the default.
Thanks a bunch!
06-07-2013 12:06 PM
Hello,
Provide
debug aaa authentication
debug aaa authorization
Regards,
Hey remember to rate all of the helpful posts, as important as a thanks (keep us motivated)
06-07-2013 01:48 PM
Logged into the command line and in enable mode i enter those commands.
Then on another console I log in with the same creds, and also with another account, and there's no debug output on that original console screen.
Apparently I'm missing something
06-07-2013 02:29 PM
add
terminal monitor
do it again
regards
06-09-2013 11:57 AM
Unfortunately, this can not be done even with local database, this is by design.
This may provide you more info:
https://supportforums.cisco.com/thread/2201512#3888667
Jatin Katyal
- Do rate helpful posts -
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide