Setting privilege level for logging into ASA through ACS

Unanswered Question
Feb 26th, 2008

Hi!

In my environment I implemented AAA for logging into switches, routers, ASA, etc. through ACS, which is configured with TACACS+.

I have set different privilege levels like readonly, readwrite, etc. in ACS. These are working fine when I try to log in to a switch or router.

But in ASA I am unable to restrict the privilege levels of different users.

Can someone please guide me with the ASA & ACS settings to solve this issue!!!!!

acharyr123 Thu, 02/28/2008 - 20:43

Hi!!

I tried this option. It is working fine with routers & switches. But for ASA privilege access it is not functioning.

I created 3 profiles in "Shared Profiles" & added 1 of them in Group setting & added users to this group, mentioning group authentication. This way I am able to control access to the switches & routers with proper privilege. But when I tried to implement it the same way for ASA, it's not happening.

Can you please check it out...

Jagdeep Gambhir Thu, 02/28/2008 - 23:40

What is the ACS version? Did you try PIX Command Authorization instead of a shell command authorization set?

Regards,

~JG
