
Read only Account on ASA

I have 2 ASAs where I have to create a read-only account for a user to monitor sessions on the ASAs. The read-only account should only have permission to use ASDM and click on the Monitor tab. I do not use an AAA server at present. How can I do it? Helpful posts will be rated. Thanks in advance.

5 Replies

Farrukh Haroon
VIP Alumni

Have a look at this:

http://www.cisco.com/en/US/docs/security/asa/asa72/asdm52/user/guide/devaccss.html#wp1218050

I'm assuming this works via the privilege command and no external AAA servers are required.

Regards

Farrukh

Thanks. I have rated the reply.

Thanks, let me know how it goes.

Regards

Farrukh

The user complained that he is getting the following error, "You do not have sufficient privileges to execute commands required to load ASDM. Please contact your System Administrator.", on one ASA, and it looks like it works on the other ASA. What might be the problem?

Thanks in advance

Hi,

Can you post the configuration changes that you made to try to get this working? You should only need to create a privilege level 5 user and configure ASDM to use the local user database:

ASA(config)# username user1 password password123 priv 5

ASA(config)# aaa authentication http console LOCAL

-Mike
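
Added example (not from the thread and not Cisco code): a small Python check that a saved running-config contains the two settings from the reply above, and that lists the username, aaa, privilege and http lines that differ between the ASA that works and the one that does not. The function names, the sample configs and the placeholder hashes are constructed for illustration.

```python
import re

# Config lines that govern local ASDM logins: users, AAA, privilege, http.
RELEVANT = re.compile(r"^(username|aaa|privilege|http) ")
HTTP_LOCAL = "aaa authentication http console LOCAL"

def access_lines(config):
    """Normalized username/aaa/privilege/http lines, password values masked."""
    lines = set()
    for raw in config.splitlines():
        line = " ".join(raw.split())
        if RELEVANT.match(line):
            # Hashes differ per device; mask them so they do not show as a diff.
            lines.add(re.sub(r"^(username \S+ password) \S+", r"\1 <masked>", line))
    return lines

def check_user(config, user, level=5):
    """Check the two settings from the reply: user at `level`, ASDM using LOCAL."""
    lines = access_lines(config)
    findings = []
    if HTTP_LOCAL not in lines:
        findings.append("missing: " + HTTP_LOCAL)
    entry = next((l for l in lines if l.startswith(f"username {user} ")), None)
    if entry is None:
        findings.append(f"missing: username {user}")
    else:
        m = re.search(r" priv\w* (\d+)", entry)
        if m is None or int(m.group(1)) != level:
            found = m.group(1) if m else "not set"
            findings.append(f"{user}: privilege is {found}, expected {level}")
    return findings

def compare(working, failing):
    """Access-control lines present on only one of the two devices."""
    w, f = access_lines(working), access_lines(failing)
    return {"only_working": sorted(w - f), "only_failing": sorted(f - w)}

# Constructed sample configs (not from the thread); hashes are placeholders.
ASA_OK = """
username user1 password HASH-PLACEHOLDER-A encrypted privilege 5
aaa authentication http console LOCAL
http server enable
"""
ASA_BAD = """
username user1 password HASH-PLACEHOLDER-B encrypted privilege 3
http server enable
"""

if __name__ == "__main__":
    print(check_user(ASA_OK, "user1"), check_user(ASA_BAD, "user1"))
    print(compare(ASA_OK, ASA_BAD))
```

Run it against the saved running-config of each ASA; any line reported on only one side is a candidate for the difference in behaviour.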
