Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
415
Views
0
Helpful
2
Replies

ASDM (ASA9.1) won't fully initiated when configured AAA command authorization

a12288
Level 3
Level 3

‎01-28-2014 01:04 PM - edited ‎03-11-2019 08:37 PM

ASA doesn't have any local account, all authentications is done via AAA.

On AAA, we have two "groups" both assigned to privilege_15, one group (A) can issue all commands, another group (B) only can issue command sets we defined.

Group A can login to ASDM without any problems.

Group B can pass the login pop up, then start to load ASDM window, at the bottom it does show login user has privilede 15, then it's stopped at "parsing running configuration..." asd login screen pops up again, and I cannot pass it.

I suspect it's somewhere in permisssion, can someone help? thanks.

Leo Song

Labels:
0 Helpful
2 Replies 2

Julio Carvajal
VIP Alumni
VIP Alumni

‎01-28-2014 04:59 PM

Hello,

There are some commands that are required in order to load the ASDM

privilege show level 3 mode exec command logging

privilege show level 3 mode exec command blocks

Make sure you have them

Looking for some Networking Assistance? 
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

a12288
Level 3
Level 3
In response to Julio Carvajal

‎01-29-2014 07:55 AM

I dived into the AAA log, and found out I need to add this into AAA comand_set:

CmdSet=[ CmdAV=read ]

But command 'read' is not even in ASA CLI or documentation, does anyone know what it is for?

Leo Song

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card