I am not able to Upload any Local Policys on PIX 6.3

Unanswered Question
Feb 18th, 2008
User Badges:

Hi Pls help me out for CSM Policy Deployement ...

1) My PIX 6.3 is having AAA Tacacs configuration , when I am using user:csm configured on ACS (Tacacs ) with SSH/Telent I am able to Login and do all editing in config.

2) But when I am using same user:csm through CSM 3.1 to deploy any Policy it gives me below error given . I have check with ACS policy no issue becuase through SSH /Telnet I am able to do all changes using same user:csm

pls suggest on same


! COMMENT: Bulk request written; reading response...


Line# 2. (ERROR) Sent (Mon Feb 18 13:18:21 GMT+05:30 2008): access-list intdmz line 70 permit tcp host host

Received (Mon Feb 18 13:18:21 GMT+05:30 2008): Command authorization failed

! COMMENT: Device reported error here and stopped accepting further commands


Note : I am attaching all configuration for ur reference

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ivillegas Fri, 02/22/2008 - 07:37
User Badges:
  • Silver, 250 points or more

Are you integrating ACS with CSM. If you are using ACS.4x version then, it has two secret keys. One is for NDG and another one is for individual devices. Of the two,NDG secret key gets higher preference. so please check if NDG secret key is

identical with your CSM server secret key.

sachin.sg Wed, 02/27/2008 - 09:01
User Badges:

Thanks for replying

I have not integrated CSM 3.1 with ACS 4.1 .I am only using acs valid user i.e csm in CSM3.1 cerdentials .

But when I am doing ssh using putty from Windows 2003 Server machine on which CSM 3.1 install , I am able to make changes , but when Depolying the policies through CSM 3.1 getting error " Command Authorization Failed"

I am able to depoly policies on Router , but failed to Deploy on PIX 6.3(5)

Pls help me out on same


This Discussion