
PIX authorization issue with TACACS+

I have the following setup on a network:

PIX firewall (ver 6.3(5)).

aaa-server TACACS+ (inside) host 172.20.67.153 cisco123

aaa accounting telnet console TACACS+ LOCAL

aaa authentication telnet console TACACS+ LOCAL

aaa authorization commands TACACS+

I am able to log in to enable mode.

But I am getting "Command Authorization failed" if I try config t or show run, which are allowed in the PIX/ASA command authorization set in TACACS+.


Re: PIX authorization issue with TACACS+

Hi friend,

You could try the following:

1) See the configuration of the user authorization on the ACS. Maybe there's a mistake when giving privileges to the desired user.

See these documents:

http://www.cisco.com/en/US/customer/products/sw/secursw/ps2086/prod_configuration_examples_list.html

2) Configure a local user and try to log in with the local database. To do it, see the example below:

username admin password xxxxxxxx encrypted privilege 15

Hope it helps. If it does, please rate.

Regards,

Rafael Lanna
