Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Read only Account on ASA

I have 2 ASA's where I have to create a read-only account for an user to monitor sessions on the ASAs. The read-only account should only have permission to use ASDM and click on the Monitor tab? I donot use an AAA server at present. How can I do it? Helpful posts will be rated. Thanks in Advance.

5 REPLIES

Re: Read only Account on ASA

Have a look at this:

http://www.cisco.com/en/US/docs/security/asa/asa72/asdm52/user/guide/devaccss.html#wp1218050

I'm assuming this works via the privilege command and no external AAA servers are required.

Regards

Farrukh

Re: Read only Account on ASA

Thanks. I have rated the reply.

Re: Read only Account on ASA

Thanks, let me know how it goes.

Regards

Farrukh

Re: Read only Account on ASA

User complained that he is having the following error "You donot have sufficient priviliges to execute commands required to load ASDM. Please contact your System Administrator." on one ASA and looks like it works on other ASA. What might be the problem.

Thanks in Advance

Re: Read only Account on ASA

Hi,

Can you post the configuration changes that you made to try to get this working? You should only need to create a privilege level 5 user and configure ASDM to use the local user database:

ASA(config)# username user1 password password123 priv 5

ASA(config)# aaa authentication http console LOCAL

-Mike

362
Views
8
Helpful
5
Replies