Need someone's help

Unanswered Question
Jul 17th, 2008


I am trying to add the PIX firewall to my newly installed ACS server.

After adding all the required commands, I am still unable to access the firewall using local user only.

My firewall already had some aaa commands earlier, and I am unable to clear those lines.

PIX515# sh run | inc tacacs

aaa-server TACACS+ protocol tacacs+

PIX515# sh run | inc aaa

aaa-server TACACS+ protocol tacacs+

aaa-server TACACS+ max-failed-attempts 3

aaa-server TACACS+ deadtime 10

aaa-server RADIUS protocol radius

aaa-server RADIUS max-failed-attempts 3

aaa-server RADIUS deadtime 10

aaa-server LOCAL protocol local


Somebody please help me: how do I delete the above commands, and what are the commands that I have to place?

Pix Version:

Cisco PIX Firewall Version 6.3(4)

dhananjoy chowdhury Thu, 07/17/2008 - 09:39

Hi, these are the commands you need:

aaa-server TACACS+ protocol tacacs+

aaa-server TACACS+ host cisco

aaa authentication http console TACACS+ local

aaa authentication ssh console TACACS+ local

aaa authentication telnet console TACACS+ local

Also create a local admin user:

username admin password admin privilege 15

Now, to delete the old code, if you have not done "write mem" then a reboot will do.

Or else you will have to follow the procedure given in this link:

chaitu_kranthi Fri, 07/18/2008 - 18:13


I am able to log in to the device using the local username & password, i.e. I am able to log in via telnet. SSH is not allowing me.

Now tell me how I can remove the previous commands without rebooting the device.

