11-19-2010 10:51 AM - edited 03-11-2019 12:11 PM
Hi,
One of my customer is having problem to login to the ASA at the privilege mode, He has access through ASDM. He has changed the enable password through ASDM but no luck. Here is the config:
aaa authentication ssh console Radius LOCAL
aaa authentication enable console Radius LOCAL
aaa authentication http console Radius LOCAL
aaa accounting enable console Radius
aaa accounting ssh console Radius
He tried by disabling the Radius server to login local but didn't work. Anybody has any idea?
Thanks.
11-19-2010 10:53 AM
Hi,
If you remove this command can you log in?
no aaa authentication enable console Radius LOCAL
It's going to ask Radius authentication for the enable password when connected via the console, so can you try to remove the command via a telnet/SSH session?
Federico.
11-19-2010 11:26 AM
Hi,
I guess he didn't test that by removing the command. But the problem is that he doesn't have privilege level access via SSH or Telnet.
11-19-2010 12:42 PM
Does he have access to the CLI of the ASA at this moment? Or it's locked out the privilege mode?
Federico.
11-19-2010 12:52 PM
He doesn't have privilege level access through the CLI .
11-19-2010 12:56 PM
Has the configuration already been saved to flash?
If not... could reload the ASA to log in...
Another option is to disable the authentication method against the Radius via ASDM and do a password recovery on the ASA via rommon mode.
Federico.
11-19-2010 01:03 PM
Thanks for your reply. It is already saved. May be he can bypass Radius server and use local database:
aaa authentication enable console LOCAL
aaa accounting enable console LOCAL
11-19-2010 01:17 PM
Yes, can you try that and post the result?
Federico.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide