Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1041
Views
0
Helpful
2
Replies

ACS 4.2 and ASA Firewall 8.x

JUSTIN LOUCKS
Level 1
Level 1

‎04-20-2010 06:37 AM - edited ‎03-10-2019 05:04 PM

We recently upgraded our ASAs from 7.x to 8.x code. When we did this, the members of our designated "HelpDesk" group in ACS were no longer able to login to ASDM or use Telnet/SSH. I see entries in the ACS failed attempts around NAR but cannot figure out what I'm missing. We do use a NAR to limit their commands to only show, ping, traceroute, etc.  Has anyone else ran into this? Is there something additional that needs done in the ASA code?

Message type -- Authen failed

Failure code -- User Access Filtered

Details -- Access Filter CardLog HelpDesk from Cardlog HelpDesk did not permit any criteria. This is sufficient to reject an 'All Selected' SPC NAR config.

Labels:
0 Helpful
2 Replies 2

Javier Henderson
Level 4
Level 4

‎04-20-2010 10:03 AM

Are you using a NAR to restrict commands, or a shell command set?

0 Helpful

JUSTIN LOUCKS
Level 1
Level 1
In response to Javier Henderson

‎04-20-2010 10:14 AM

Both I guess...

Preview file
123 KB
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents