ACS 5.5 - Issue where cannot login directly into Priv Exec
Hi, I have configured the ACS 5.5 following a number of documents, the last one being a support forum doc, "How to Configure tacacs Authentication and Authorization for Admin and non-Admin users in ACS 5.1", yet each time when I login to the Cisco device, it logs me directly into user exec mode and not priv exec.
I am sure I had it working earlier but it is no longer working. Any ideas anyone?
The Designer Shell profile has the following configured with the 2 privilege settings as 15.
Service selection rules:
The Device Authorisation Policy is as follows;
The cisco AAA commands are;
aaa new-model aaa authentication login default group tacacs+ line enable aaa authentication enable default group tacacs+ line enable aaa authorization console aaa authorization config-commands aaa authorization exec default group tacacs+ if-authenticated aaa authorization commands 15 default group tacacs+ if-authenticated aaa accounting exec default start-stop group tacacs+ aaa accounting commands 1 default start-stop group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ aaa accounting system default start-stop group tacacs+
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...