I've seen some posts on the forum regarding the use of AAA to login to an ASA in enable mode. I'm using a Server 2008 R2 NPS server, and I can successfully login. However, I'm using the NPS server to send back the Cisco AV-pair for 'priv-lvl=15'. I am expecting to login to the ASA and be in enable mode. I have seen other posts reference TACACS+, but we don't have ACS. Is TACACS+ a requirement for this? I remember reading in some other forums that it's a security feature on the ASA to not allow logging in directly to the enable mode.
Regards,
Scott
