automatic jump to privilege level 15 in PIX/ASA

r.spiandorello
Level 1

Hi, with IOS routers and switches I'm able to authorize the user to jump automatically to the correct privilege level in the login phase, as configured in the authorization privilege field in ACS.

With PIX/ASA the jump does not run: why?

Thank you in advance

RS

3 Replies

Collin Clark
VIP Alumni

It's a security feature. Requires knowing two passwords to get full access to the device.

HTH and please rate if it does.

I have the same kind of problem but with a different RADIUS server (FreeRADIUS) and an ASA 5520 (7.2). Is there a way to log into the ASA with a defined privilege level? It is possible to define a local user, but it doesn't work with RADIUS logging enabled.

Thanks in advance for any help

I have to disagree here.

It's not a security feature. The privilege level feature was never properly implemented in the PIX/ASA. You may call it a bug.

It would have been a security feature if it had been implemented on all privilege levels besides level 15, so that users were prevented from going directly to priv. exec mode. But on the ASA/PIX, it does not work for any level (as the feature was not implemented).

Regards


Farrukh