01-07-2014 08:55 AM - edited 03-11-2019 08:26 PM
I'm running 9.1.4 on an ASA 5540.
I'm trying to setup a seperate privilege level so my rancid system can login and get the configuration, but can't actually change anything. I've put the following commands into the ASA config:
aaa authorization command LOCAL
username rancid password ... encrypted privilege 4
privilege show level 4 mode exec command running-config
privilege show level 4 mode exec command curpriv
But when I login as user rancid, I get no "show" command available to me.
What have I done wrong?
Thanks,
GTG
01-07-2014 10:41 AM
GTG-
Are you in exec mode? Have you tried a show run even though it doesn't show up?
01-07-2014 10:58 AM
Type help or '?' for a list of available commands.
asa-1/act>
asa-1/act> show run
^
ERROR: % Invalid input detected at '^' marker.
ERROR: Command authorization failed
asa-1/act> show curpriv
^
ERROR: % Invalid input detected at '^' marker.
asa-1/act>
:-(
01-07-2014 12:06 PM
Can you add an enable password to level 4-
enable password R@nCiDPaSsW0rD level 4
Once rancid logs in, can you type enable 4 and see if the commands work?
01-07-2014 02:30 PM
That works a treat.
Just to tell rancid to only try level 4.
Thanks,
GTG
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide