I use ACS ver 4.2, and set up the following configuration on the routers.
aaa authentication login default group tacacs+ local
aaa authentication login no_auth local enable
aaa authorization config-commands
aaa authorization commands 1 default group tacacs + local
aaa authorization commands 15 default group tacacs + local
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
Everything works perfect, but I am trying to deny the 'show run' command using ACS command authorization sets. ( See attahment). All other commands are working, but no matter what I do the show run is un-sucessful. In the group, Max privilege for any AAA client set to 'Level 1'. and Shell (exec) is set to 'Privilege level 1 '. Any ideas?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...