10-26-2006 05:11 AM - edited 03-10-2019 02:48 PM
Hi, with IOS routers and switches I'm able to authorize the user to jump automatically to the correct privilege level in the login phase, as configured in the authorization privilege field in ACS.
With PIX/ASA the jump does not run: why?
Thank you in advance
RS
10-26-2006 09:09 AM
It's a security feature. Requires knowing two passwords to get full access to the device.
HTH and please rate if it does.
07-07-2010 12:26 AM
I have the same kind of problem but with a different RADIUS server (FreeRADIUS) and ASA 5520 (7.2). Is there a way to log into the ASA with a defined privilege level? It is possible to define a local user but it doesn't work with RADIUS logging enabled.
Thanks in advance for any help
07-08-2010 07:02 AM
I have to disagree here.
It's not a security feature. The privilege level feature was never properly implemented in the PIX/ASA. You may call it a bug.
It would have been a security feature if it were implemented on all privilege levels besides level 15, so that users were prevented from going directly to priv. exec mode. But on the ASA/PIX, it does not work for any level (as the feature was not implemented).
Regards
Farrukh