01-06-2010 03:43 AM - edited 03-10-2019 04:52 PM
Hi,
Well I have a ASA which I tried adding in ACS with TACAS+ protocol. I was able to authenticate with my ACS user but was unable to run any command which says "Command Authorization Failed".
The ASA configuration is attached for reference.
I have one doubt also as whether it is possible to have authorizaton of ASA with RADIUS protocol.
Thanks in advance
Ritesh
01-06-2010 05:48 AM
Ritesh:
On the TACACS+ server, configure the commands that a user or group can use after they authenticate for CLI access. Every command that a user enters at the CLI is checked with the TACACS+ server. Looks like you haven't configured any shell command set on the ACS.
Here is a Doc that helps you configuring command set on ACS:
Also, radius doesn't support command authorization.
Let me know if you have any query/concern.
Regards,
JK
Plz rate helpful posts-
01-07-2010 06:53 AM
Also, if you just want to authenticate you user with RADIUS when doing telent and you don't want to authorize on a per command basis you can remove the "aaa authorization command CACS LOCAL" command.
I hope it helps.
PK
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide