I share the admin of a firewall with another a company. At the moment im unable to run any commands as i get the following error after logging in and then entering the enable password.
"Command authorization failed"
Im not sure if they have made any changes but the last change i made was to reconfigure the remote access VPN to use AAA Authentication against a MS IAS (radius server).
Here are the AAA commands before and after my change.
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
aaa authentication enable console LOCAL
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
aaa authorization command LOCAL
I then added the following lines.
aaa-server vpnauth protocol radius
aaa-server vpnauth max-failed-attempts 3
aaa-server vpnauth deadtime 10
aaa-server vpnauth (inside) host X.X.X.X PASSWORD timeout 5
And reconfigure the crypto map to use vpnauth. Remote access works fine but im totally restricted when i try and login via telnet or ssh.
Does anyone know why im locked out?
Appreciate any help as im stumped.