We have a RO user created with privilege level 5 (local authentication and command authorization enabled), it works fine for other commands that are difined in privilege level 5. When we try to enable capture commands for level 5 user, could enable/clear but doesn't allow to remove capture.
bl-asa/cont2# sh curpriv
Username : rouser
Current privilege level : 5
Current Mode/s : P_PRIV
bl-asa/cont2# sh cap
capture _ type raw-data [Capturing - 0 bytes]
capture cap_out type raw-data interface outside [Capturing - 0 bytes]
match ip any host xx.yy.23.116
bl-asa/cont2# clear cap cap_out
bl-asa/cont2# no cap cap_out
ERROR: % Invalid input detected at '^' marker.
ERROR: Command authorization failed
Following are the commads that I enabled for capture
privilege cmd level 5 mode exec command capture
privilege show level 5 mode exec command capture
privilege clear level 5 mode exec command capture
Could someone please tell, what should be the privilege that needs to be set to remove the capture or if I have missed anything in the config.
Thanks in advance!
You are hitting a Cisco Bug (CSCsl57533)
You have to upgrade to any of the following:
Please rate if helpful.