I have a TACACS+ group named "Network Administrators", which has privilege level 15 option enabled, so admins do not have to type enable password when authenticating. After setting up ACE AAA, the prvilege level 15 option stops working, while logging in Cisco routers: after authentication, the user remains in privilege level 1.
Logging in Cisco switches seems to be OK, stepping immediately to level 15 as usual.
I tried upgrading IOS in a router, but no luck...
Does anybody have any experiance about this "bug"?
Could you please provide TACACS log from ACS and verify in log that correct SHELL PROFILE are choosen. Also - how many context do you have? In Monday I try to veify settings in ACS (today I don't have direct access to ACS & ACE - this devices are left on my previuos job)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...