Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

help with AAA config- stuck and need assistance

I have an ASA firewall in which I need these requirements.

There will be three local accounts defined on the ASA. I need one of these accounts to have to enter an enable password when accessing privileged enable mode. The other two accounts I want to take directly to privileged mode after authenticating with their local username and password. All connections to the ASA will be via SSH, if that matters. How do I set this up?

3 REPLIES

Re: help with AAA config- stuck and need assistance

In ASA user cannot fall directly to enable mode since exec authorization is not supported.

Please see this link,

http://www.ciscotaccc.com/security/showcase?case=K25224726

Regards,

~JG

Do rate helpful posts

New Member

Re: help with AAA config- stuck and need assistance

but doesn't this pertain to TACACS+ and RADIUS authentication? All my accounts are locally defined on the ASA itself, nothing goes to an external authentication server.

Re: help with AAA config- stuck and need assistance

It also applicable for local authentication. ASA does not perform exec authorization, no matter what db or protocol we use.

Regards,

~JG

Do rate helpful posts

139
Views
0
Helpful
3
Replies