AAA enable authentication on ASA 5500

Unanswered Question
Nov 21st, 2007


I'm hoping I've missed something basic here. I have an ASA5520 (V7.0(7)) I have enabled (I think) enable authentication with the following command:

aaa authentication enable console tacacs LOCAL

I can authentication to CLI ok with my ACS username/password but when I go to privilege exec mode using enable command I am prompted for a password rather that username/password. No matter what I enter I get access denied. I can login using the login command and authenticate via the local database so I am not locked out but I was wondering what I am doing wrong. Probably something simple but any help would be appreciated - Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jagdeep Gambhir Sat, 11/24/2007 - 05:51

It seems that on acs you have not selected enable password.

ACS--->User setup---->Tacacs+ enable password. Use any option as per your need.

And try to login now.



ddavenport-dcc Sun, 11/25/2007 - 22:21


Thanks for your reply. I have already set the enable password option is ACS.



mm7138395 Tue, 02/19/2008 - 05:25

Does this have to be set on a per user basis or can it be set in the group settings?

Jagdeep Gambhir Tue, 02/19/2008 - 06:05

On user basis as this option is not there in group settings.



Do rate helpful posts


This Discussion