08-31-2009 09:14 PM
We have created an lmsadmin username in the ACS with privilege access (authorization configuration) only. This username is used to take config archives from all the network devices.
But the archive is failing on our firewall. When we give full access in ACS for lmsadmin (conf terminal access), it works for the firewall.
As per our policy, we are not supposed to provide conf access to this user name.
Please suggest.
Regards,
Guru
08-31-2009 09:51 PM
In order for RME to archive the config from FWSM devices, it must be able to run the following commands:
show running
show config
show curpriv
conf t
terminal width 0 (within config mode)
terminal no monitor
Therefore, you will need to grant the RME user access to enter config mode.
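An added example, not part of the original reply and not Cisco's own configuration: a small model of a per-command authorization allowlist restricted to the commands listed above, assuming the AAA server authorizes each command individually. The mode assigned to each command, the `exit` entry, the alias expansions and the sample sessions are assumptions made for illustration.

```python
EXEC, CONFIG = "exec", "config"

# Short forms as written in the post, mapped to full keywords (assumed expansions).
ALIASES = {
    "conf t": "configure terminal",
    "show running": "show running-config",
    "show config": "show configuration",
}

# (mode, command) pairs the archive account may run. Only "terminal width 0"
# is stated by the post to be a config-mode command; the rest are assumed.
PERMIT = {
    (EXEC, "show running-config"),
    (EXEC, "show configuration"),
    (EXEC, "show curpriv"),
    (EXEC, "configure terminal"),
    (EXEC, "terminal no monitor"),
    (CONFIG, "terminal width 0"),
    (CONFIG, "exit"),  # assumption: needed to leave config mode again
}

def normalize(line):
    """Lowercase, collapse whitespace, expand the short forms used in the post."""
    cmd = " ".join(line.lower().split())
    return ALIASES.get(cmd, cmd)

def audit_session(lines):
    """Walk a session in order, tracking CLI mode; return (mode, command, permitted)."""
    mode, results = EXEC, []
    for line in lines:
        cmd = normalize(line)
        ok = (mode, cmd) in PERMIT
        results.append((mode, cmd, ok))
        # Mode changes only when the mode-changing command was itself permitted.
        if ok and cmd == "configure terminal":
            mode = CONFIG
        elif ok and cmd == "exit":
            mode = EXEC
    return results

def denied(lines):
    """Commands in the session that the allowlist would reject."""
    return [cmd for _, cmd, ok in audit_session(lines) if not ok]

# Constructed sample sessions (not captured from a real device).
ARCHIVE_SESSION = ["show curpriv", "terminal no monitor", "conf t",
                   "terminal width 0", "exit", "show running", "show config"]
CHANGE_SESSION = ["conf t", "hostname lab-fw", "terminal width 0"]
```

With these entries the archive session passes in full, while any other command issued after `conf t` is rejected.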
08-31-2009 09:55 PM
Thanks for your response.
So this is applicable for any firewall device (PIX and ASA)?
Regards,
Guru
08-31-2009 10:17 PM
Yes.