cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
817
Views
5
Helpful
4
Replies

ASA User Privileges

Gordon Ross
Level 9
Level 9

I'm running 9.1.4 on an ASA 5540.

I'm trying to setup a seperate privilege level so my rancid system can login and get the configuration, but can't actually change anything. I've put the following commands into the ASA config:

aaa authorization command LOCAL

username rancid password ... encrypted privilege 4

privilege show level 4 mode exec command running-config

privilege show level 4 mode exec command curpriv

But when I login as user rancid, I get no "show" command available to me.

What have I done wrong?

Thanks,

GTG

Please rate all helpful posts.
4 Replies 4

Collin Clark
VIP Alumni
VIP Alumni

GTG-

Are you in exec mode? Have you tried a show run even though it doesn't show up?

Type help or '?' for a list of available commands.

asa-1/act>

asa-1/act> show run

                      ^

ERROR: % Invalid input detected at '^' marker.

ERROR: Command authorization failed

asa-1/act> show curpriv

                       ^

ERROR: % Invalid input detected at '^' marker.

asa-1/act>

:-(

Please rate all helpful posts.

Can you add an enable password to level 4-

enable password R@nCiDPaSsW0rD level 4

Once rancid logs in, can you type enable 4 and see if the commands work?

That works a treat.

Just to tell rancid to only try level 4.

Thanks,

GTG

Please rate all helpful posts.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: