04-09-2008 11:47 AM - edited 03-10-2019 03:46 PM
Hi there. I'm trying to set up AAA on an ASA 5510. I've got an ISA server set up and AAA authentication is working properly. Is there any way to have the ASA recognize a username and assign an appropriate privilege level? As far as I can tell it gives you level 15 once you authenticate properly.
If ISA can't do this, what's the recommended path to accomplish this, keeping in mind that I can't afford the Cisco ACS software?
Thanks in advance!
04-15-2008 06:02 AM
Ah, I guess you're using a named authorization method rather than the default one, which is why it needs applying to the VTY lines. The default method would apply to all lines where not already configured.
Try this:
ROUTER#config t
Enter configuration commands, one per line. End with CNTL/Z.
ROUTER(config)#line vty 0 4
ROUTER(config-line)#privilege level 15
ROUTER(config-line)#end
ROUTER#
04-15-2008 06:27 AM
Thanks for the response. It looks like your code example is for a router... I'm looking for some assistance with a PIX/ASA. I tried adding the command "aaa authorization include telnet inside x.x.x.x x.x.x.x" and it returned "Authorization is not supported in RADIUS."
Does anyone have an easy to use/easy to implement Tacacs server that is not thousands of dollars?