AAA Authorization on PIX

Answered Question
Aug 21st, 2009
User Badges:

I have set up authentication and Authorization on the PIX. Authentication works but Authorization fails. I try to debug but nothing shows up (on PIX or ACS), but it does if I debug Authentication

Correct Answer by Jagdeep Gambhir about 7 years 12 months ago

Make sure you have enable authentication ,


aaa authentication ssh console TACACS LOCAL

aaa authentication telnet console TACACS LOCAL

aaa authentication enable console TACACS LOCAL

aaa authorization command TACACS LOCAL


Incase it does not work pls get aaa config


Regards,

~JG


Do rate helpful posts


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jagdeep Gambhir Fri, 08/21/2009 - 05:52
User Badges:
  • Red, 2250 points or more

Make sure you have enable authentication ,


aaa authentication ssh console TACACS LOCAL

aaa authentication telnet console TACACS LOCAL

aaa authentication enable console TACACS LOCAL

aaa authorization command TACACS LOCAL


Incase it does not work pls get aaa config


Regards,

~JG


Do rate helpful posts


networker99 Fri, 08/21/2009 - 05:59
User Badges:

-aaa authentication ssh console TACACS LOCAL

-aaa authorization command TACACS LOCAL

-aaa-server TACACS (inside) host [ip_address] [key] timeout 10



Jatin Katyal Fri, 08/21/2009 - 07:40
User Badges:
  • Cisco Employee,

PIX\ASA command authorization does require enable authentication in the config.


You need to turn on enable authentication:


Here is the command


aaa authentication enable console TACACS LOCAL


HTH


Regards,

JK




Jagdeep Gambhir Fri, 08/21/2009 - 08:24
User Badges:
  • Red, 2250 points or more

Hi Lewis,

Pls add enable authentication command to make it work.



Regards

~JG


Do rate helpful posts


Actions

This Discussion