Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PDM permissions

We are running an PIX 515 and we use a Cisco ACS 1113 server as our tacacs server for authentication (TACACS). Our department head has decided that he would like our help desk folks to have access to our PIX via PDM so they may be able to view rules in place as well as some other monitoring functions. They can access the PIX via PDM but the issue is that they are at full enable 15 privilege. I need to know if there is a way to give them access to the firewall via PDM with read only permissions or if there would be a way to setup some sort of PIX command authorization with the ACS server so that they cannot make major configuration changes but still permit the senior members of the team the ability to make the changes. If anybody knows if there is any way to limit permissions available to folks via PDM and can either let me know how or point me to the proper documentation I would appreciate it. Thanks in advance.

1 REPLY

Re: PDM permissions

Matt,

You need to set up command authorization on acs. Please see this link,

http://cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml#scenario2

That should help

Regards,

~JG

Do rate helpful posts

101
Views
0
Helpful
1
Replies