Using AAA on a PIX, authentication works fine and the AAA user has full rights over PIX, but aaa authorization always fails when going into conf t
This happens when we have command authorization enabled on ASA
and try to run any level 15 command on ASA.
Please check the ASA configuration and see if you are missing this command:
aaa authentication enable console LOCAL
on the ACS make sure that enable level privilege is level 15
Plz rate helpful posts-