Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS 4.2 and ASA Firewall 8.x

We recently upgraded our ASAs from 7.x to 8.x code. When we did this, the members of our designated "HelpDesk" group in ACS were no longer able to login to ASDM or use Telnet/SSH. I see entries in the ACS failed attempts around NAR but cannot figure out what I'm missing. We do use a NAR to limit their commands to only show, ping, traceroute, etc.  Has anyone else ran into this? Is there something additional that needs done in the ASA code?

Message type -- Authen failed

Failure code -- User Access Filtered

Details -- Access Filter CardLog HelpDesk from Cardlog HelpDesk did not permit any criteria. This is sufficient to reject an 'All Selected' SPC NAR config.

Everyone's tags (2)
Cisco Employee

Re: ACS 4.2 and ASA Firewall 8.x

Are you using a NAR to restrict commands, or a shell command set?

New Member

Re: ACS 4.2 and ASA Firewall 8.x

Both I guess...

CreatePlease to create content