Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
526
Views
5
Helpful
2
Replies

Local authorization configuration

Go to solution
networker99
Level 1
Level 1

‎10-23-2009 12:05 PM - edited ‎03-10-2019 04:45 PM

I have our ASA's authenticating against ACS (tacacs+) and using ACS authorization which all works, but when the ACS server is unavailable I can log in using local authentication but I have no authorization rights. Is there a way to grant full authorization rights to the local user if ACS is unavailable?

I am using

aaa authentication ssh console <tacacs> LOCAL

aaa authorization ssh console <tacacs> LOCAL

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee

‎10-23-2009 12:13 PM

Hi,

You should have a local user on the ASA with privilege 15

You can add local user like this:

(config)#username password privilege 15

so this user account will have full access when your tacacs goes down.

HTH

JK

Plz rate helpful posts-

~Jatin

View solution in original post

2 Replies 2

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee

‎10-23-2009 12:13 PM

Hi,

You should have a local user on the ASA with privilege 15

You can add local user like this:

(config)#username password privilege 15

so this user account will have full access when your tacacs goes down.

HTH

JK

Plz rate helpful posts-

~Jatin

Go to solution
networker99
Level 1
Level 1
In response to Jatin Katyal

‎10-23-2009 12:21 PM

Yea I did have that user.. it was becuase I had not fully logged out after applying the commands.. all okay now.. thanks

0 Helpful
Customers Also Viewed These Support Documents