Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Device admin not able to execute command a Cisco ASA CLI after TACACS authentication

Hi All,

I have setup a Cisco ASA with the device admin access to be authencticatedand authorizated with a Cisco ACS v 5.2. However, I am not able to exeute and command at the CLI even I have authenicated successfully. I have configure the Cisco ACS to permit all command and to set the shell prviliages to 15.

Please advice.

Thks and Rgds

2 REPLIES
Cisco Employee

Device admin not able to execute command a Cisco ASA CLI after T

Looks like you are getting "command authorization failed".

Did you check this option under policy element > device administration > command set > edit >

  "Permit any command that is not in the table below"

Do we have the same/correct command set selected under the access-policies > default device admin > authorization > edit rule > check what we have in command set selected option.

If it's not visible there, then on the same page you need to click on customise tab in the right bottom corner and move the command set option on the right set.

Hope this adds some direction.

Regards,

Jatin

Do rate helpful posts-

~Jatin Katyal
Cisco Employee

Device admin not able to execute command a Cisco ASA CLI after T

What is the authorization failure reason if there is any in the logs?

584
Views
0
Helpful
2
Replies
CreatePlease to create content