AAA enable authentication on ASA 5500

ddavenport-dcc · ‎11-21-2007

Hi

I'm hoping I've missed something basic here. I have an ASA5520 (V7.0(7)) I have enabled (I think) enable authentication with the following command:

aaa authentication enable console tacacs LOCAL

I can authentication to CLI ok with my ACS username/password but when I go to privilege exec mode using enable command I am prompted for a password rather that username/password. No matter what I enter I get access denied. I can login using the login command and authenticate via the local database so I am not locked out but I was wondering what I am doing wrong. Probably something simple but any help would be appreciated - Thanks

Jagdeep Gambhir · ‎11-24-2007

It seems that on acs you have not selected enable password.

ACS--->User setup---->Tacacs+ enable password. Use any option as per your need.

And try to login now.

Regards,

~JG

ddavenport-dcc · ‎11-25-2007

Hi

Thanks for your reply. I have already set the enable password option is ACS.

Regards

Dave

mm7138395 · ‎02-19-2008

Does this have to be set on a per user basis or can it be set in the group settings?

Jagdeep Gambhir · ‎02-19-2008

On user basis as this option is not there in group settings.

Regards,

~JG

Do rate helpful posts