PIX Login issue

Unanswered Question
Oct 10th, 2009

Hello Champs,

I am using PIX-506E version 6.3(5)

In order to do a scheduled config download, my script is hard coded to log in with a user name and password and execute the show running command. However, since I have an enable password configured, I am unable to execute the show running from the user mode.

My question is: I can create a different username & password, but the criterion is that it should go to the privilege mode directly. Since my script is hard coded, I am unable to modify it. Below are the AAA commands for your reference. Any help is highly appreciated. Thanks in advance.

aaa-server TACACS+ protocol tacacs+

aaa-server TACACS+ max-failed-attempts 3

aaa-server TACACS+ deadtime 10

aaa-server RADIUS protocol radius

aaa-server RADIUS max-failed-attempts 3

aaa-server RADIUS deadtime 10

aaa-server LOCAL protocol local

aaa authentication ssh console LOCAL

aaa authorization command LOCAL

Regards,

Manoj

juan-ruiz Sat, 10/10/2009 - 05:07

Manoj,

I'm not sure if you can bypass the enable command to enter in enable mode.

Even though the user privilege level is 15, it still has to execute enable mode.

Can your script input the enable command and enter stdin in the next prompt?

Try using the expect command.

http://en.wikipedia.org/wiki/Expect
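
The approach suggested in the reply above (the script sends enable and answers the password prompt), written as an Expect script. This is an added example, not part of the original thread; the environment variable names, the prompt patterns and the pager text are assumptions.

```expect
#!/usr/bin/expect -f
# Added example, not from the thread. Usage: pix-config.exp <host> <user>
# Assumed: PIX_LOGIN_PW / PIX_ENABLE_PW environment variables, prompt patterns.
set timeout 20
lassign $argv host user
foreach v {PIX_LOGIN_PW PIX_ENABLE_PW} {
    # Secrets come from the environment, not from the script or argv.
    if {![info exists env($v)]} { puts stderr "missing $v"; exit 2 }
}
proc fail {msg} { puts stderr "error: $msg"; exit 1 }

log_user 0                       ;# keep the login dialogue off stdout
spawn ssh -o StrictHostKeyChecking=yes $user@$host
expect {
    -re {[Pp]assword: ?$} { send -- "$env(PIX_LOGIN_PW)\r" }
    timeout { fail "no login prompt" }
    eof     { fail "ssh exited before login" }
}
# User mode ends in ">"; the device must be told to enter privileged mode.
expect {
    -re {>\s*$} { send -- "enable\r" }
    timeout { fail "no user-mode prompt (login rejected?)" }
}
expect {
    -re {[Pp]assword: ?$} { send -- "$env(PIX_ENABLE_PW)\r" }
    timeout { fail "no enable password prompt" }
}
# "#" means privileged mode; another password prompt or ">" means refusal.
expect {
    -re {#\s*$}           { }
    -re {[Pp]assword: ?$} { fail "enable password rejected" }
    -re {>\s*$}           { fail "enable password rejected" }
    timeout { fail "no privileged prompt" }
}
log_user 1                       ;# from here on, output is the config
send -- "show running\r"         ;# the command named in the original post
expect {
    -ex "<--- More --->"   { send -- " "; exp_continue }
    -re {\n\S+#\s*$}       { }
    timeout { fail "config output did not finish" }
}
send -- "exit\r"
expect eof
```

Redirect stdout to a file readable only by the backup account, since the running configuration includes password hashes.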

manoj-wadhwa Sat, 10/10/2009 - 05:40

Hi Juan-ruiz,

Thanks for your prompt response.

I will have to speak to the backend team if the script has to be modified. Before that I would need a confirmation that going directly into the privilege mode is not possible and any documentation supporting it? Is there any such documentation which supports this?

Best Regards,

Manoj
