01-07-2014 08:55 AM - edited 03-11-2019 08:26 PM
I'm running 9.1.4 on an ASA 5540.
I'm trying to setup a seperate privilege level so my rancid system can login and get the configuration, but can't actually change anything. I've put the following commands into the ASA config:
aaa authorization command LOCAL
username rancid password ... encrypted privilege 4
privilege show level 4 mode exec command running-config
privilege show level 4 mode exec command curpriv
But when I login as user rancid, I get no "show" command available to me.
What have I done wrong?
Thanks,
GTG
01-07-2014 10:41 AM
GTG-
Are you in exec mode? Have you tried a show run even though it doesn't show up?
01-07-2014 10:58 AM
Type help or '?' for a list of available commands.
asa-1/act>
asa-1/act> show run
^
ERROR: % Invalid input detected at '^' marker.
ERROR: Command authorization failed
asa-1/act> show curpriv
^
ERROR: % Invalid input detected at '^' marker.
asa-1/act>
:-(
01-07-2014 12:06 PM
Can you add an enable password to level 4-
enable password R@nCiDPaSsW0rD level 4
Once rancid logs in, can you type enable 4 and see if the commands work?
01-07-2014 02:30 PM
That works a treat.
Just to tell rancid to only try level 4.
Thanks,
GTG
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: