I have a ASA 5550 running multiple contexts, but having the AAA authentication serial console (TACACS Server Name) LOCAL allows a tacacs challenge on connecting to the console but I am then unable to issue any commands i.e. enable or Show Run - message command autherixation failed
Has anyone setup console (serial) TACACS and got it working?
The below are the commands which requires with respect to the console access.
aaa-server TACACS+ protocol tacacs+
aaa authentication serial console TACACS+ LOCAL
aaa authentication telnet console TACACS+ LOCAL
aaa authentication enable console TACACS+ LOCAL
aaa authentication ssh console TACACS+ LOCAL
aaa authentication http console TACACS+ LOCAL
So you should have both serial console and enable console for you settings. If you have these settings in your firewall. Also please check in the tacacs server end if privelage level is set properly for the same.
On SSH connections it works perfect, but on console (serial) login it does not, TACACS login OK then you need to use the Local enable password (my tacacs password fails), this leaves you in the system area on mulitiple context ASA, you can switch to admin, context1 etc but then any commands fail.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...