AAA enable authentication on ASA 5500

Unanswered Question
Nov 21st, 2007

Hi

I'm hoping I've missed something basic here. I have an ASA5520 (V7.0(7)) I have enabled (I think) enable authentication with the following command:

aaa authentication enable console tacacs LOCAL

I can authentication to CLI ok with my ACS username/password but when I go to privilege exec mode using enable command I am prompted for a password rather that username/password. No matter what I enter I get access denied. I can login using the login command and authenticate via the local database so I am not locked out but I was wondering what I am doing wrong. Probably something simple but any help would be appreciated - Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jagdeep Gambhir Sat, 11/24/2007 - 05:51

It seems that on acs you have not selected enable password.

ACS--->User setup---->Tacacs+ enable password. Use any option as per your need.

And try to login now.

Regards,

~JG

ddavenport-dcc Sun, 11/25/2007 - 22:21

Hi

Thanks for your reply. I have already set the enable password option is ACS.

Regards

Dave

mm7138395 Tue, 02/19/2008 - 05:25

Does this have to be set on a per user basis or can it be set in the group settings?

Jagdeep Gambhir Tue, 02/19/2008 - 06:05

On user basis as this option is not there in group settings.

Regards,

~JG

Do rate helpful posts

Actions

This Discussion