Command Authoristaion Failed on ASA 55XX Series

jkbnetwork · ‎11-11-2008

I just added ASA firewall to Cisco ACS 3.2

using commands as follows

aaa-server ciscoacs protocol tacacs+

aaa-server ciscoacs host 172.X.X.X

key Im@&yo

aaa authentication telnet console ciscoacs

I am able to login in into ASA (authentication passes successfully) and go to enable mode but i am unable to execute any command and it shows error as

Command Authorisation failed

i tried to add some more commands as follows

aaa authentication serial ciscoacs

aaa authentication ssh ciscoacs

aaa authentication secure-http-client ciscoacs

aaa authorization command ciscoacs

aaa accounting command ciscoacs

but dont know whether they were added to ASA configuration file or not as i cannot execute any command from privilege mode not even am able to exit from ASA using CLI

Kindly ket me know how can i be able to go into configuration mode so that aa server commands are removed

Collin Clark · ‎11-11-2008

Remove the IP address of the firewall in your AAA server. It will then timeout and use local authentication and authorization.

Hope that helps.

jkbnetwork · ‎11-11-2008

Hi Clark

the username cisco with privilege level 15 stands removed from the ASA configuration.

SO what next

Collin Clark · ‎11-12-2008

Please re-read my post. You will need a local username and password as well.

hayethamza · ‎01-16-2009

hi

I am the same probleme

I use the applaince ACS 4.2 ans asa5520 ver 7.25

I am able to login in into ASA (authentication passes successfully) and go to enable mode but i am unable to execute any command

same configuration works with router IOS

help me.

hayethamza · ‎01-16-2009

hi

I am the same probleme

I use the applaince ACS 4.2 ans asa5520 ver 7.25

I am able to login in into ASA (authentication passes successfully) and go to enable mode but i am unable to execute any command

same configuration works with router IOS

help me.