I've been trying to set up a read-only group that allows certain users to login at privilege level3 and issue several commands, i.e.; show run. The user group in the ACS is correct and here are the configure lines in the device:
aaa authorization config-commands
aaa authorization exec default group tacacs+ local none
aaa authorization commands 1 default group tacacs+ local if-authenticated
aaa authorization commands 3 default group tacacs+ local if-authenticated
aaa authorization commands 15 default group tacacs+ local if-authenticated
When a user with level priv 15 logs in authorization works fine. The debug messages show authorization requests going to the ACS and the appropriate responses are returned. However, when a level 3 users logs in, authorization for those commands that user has access to, show run fails. I noted that the device did not send any request to ACS.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...