Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Accessing an ASA 8.2.1 0 -AAA


the only way I can access my ASA is via SSH. It asks me for username which I put "pix" and for the password, I put the enable password I created.

This however only gets me half way in because it then asks for the enable password. I type the enable password and I get in.

I created the command "aaa authentication ssh console LOCAL" and now as soon as I ssh to the ASA, it won't let me type the default username pix with the default enable password for the password... this is actually good because I am now forced to type the local credentials however when I do that, I am still not getting into privelele mode. I still have to type the enable password.

How can I configure the ASA to have user's (with level 15) type their credentials and get directly into privilege mode without the ASA asking them for the enable password???

I don't want give out the enable password to every admin that needs to access the ASA...

any help will be appreciated

  • Firewalling

Re: Accessing an ASA 8.2.1 0 -AAA

ASA is not like IOS box. In IOS box, you can let user get into enable mode directly after login. This feature is not available on ASA as far as I know.

New Member

Re: Accessing an ASA 8.2.1 0 -AAA

are you sure?

how can you have delegated accounts then on an ASA?

are you then saying that every admin will have to know the enable password?

Re: Accessing an ASA 8.2.1 0 -AAA

As far as I know, it's impossible on ASA.

New Member

Re: Accessing an ASA 8.2.1 0 -AAA

it's hard to beleive... so how do you properly delegate access to an ASA to few different administrators?

there has to be a way.

Re: Accessing an ASA 8.2.1 0 -AAA

you can setup enable password in different levels.

user pass level <#>

When they login, they need use "enable " and related enable password to login.

This widget could not be displayed.