07-31-2008 07:26 PM - edited 03-06-2019 12:33 AM
Hi,
I have enabled AAA command authorization with TACACS+ for the ASA firewall. Since I applied this, all connections through the serial cable and telnet sessions go to authorize with ACS.
My question is whether there is a way to enable command authorization for telnet sessions and NOT for the serial console connection. Thanks in advance.
07-31-2008 07:54 PM
Then you have to use the command:
aaa authentication {telnet | ssh | http | serial} console {LOCAL | server_group [LOCAL]}
For example:
aaa authentication telnet console [your ACS server]
If you telnet to the ASA inside interface, add the following command:
telnet 10.1.1.1 255.255.255.255 inside
In the above command only host 10.1.1.1 will be permitted.
You can put 0.0.0.0 0.0.0.0 to permit any connection (which is not secure).
Good luck.
Please rate if helpful.
07-31-2008 09:09 PM
Hi marwarishawi,
Thanks for your reply, but you are talking about authentication, not command authorization. I have done that authentication for telnet sessions and applied "aaa authorization command
The thing is, authorization is applicable to all telnet sessions PLUS the serial console session, which I don't want to get authorized.
I want the serial console session to be able to use ALL commands instead of being restricted. Thanks again.