Local authorization on PIX versus IAS authentication

Unanswered Question
Dec 31st, 2003
User Badges:

How do you configure pix to authenticate locally when using console and Radius on ssh. The problem we are having is if we enable Radius authentication, it tries to authenticate the enable password on the IAS when we console in. If we set to local, it uses the local password when we ssh. Also on the RAS policy on the IAS server, we added the AV-Pair shell:priv-lvl=15, however it still requires the ena password. We are also having the same problem with the local username.

username jdoe password secret privilege 15

aaa authentication ssh console radius

aaa authentication serial console local

Any ideas?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
umedryk Tue, 01/06/2004 - 11:26
User Badges:
  • Bronze, 100 points or more

May be you can just change previledge level to get more granular control.


This Discussion