Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
234
Views
0
Helpful
2
Replies

I am not able to Upload any Local Policys on PIX 6.3

sachin.sg
Level 1
Level 1

‎02-18-2008 01:26 AM - edited ‎02-21-2020 01:54 AM

Hi Pls help me out for CSM Policy Deployement ...

1) My PIX 6.3 is having AAA Tacacs configuration , when I am using user:csm configured on ACS (Tacacs ) with SSH/Telent I am able to Login and do all editing in config.

2) But when I am using same user:csm through CSM 3.1 to deploy any Policy it gives me below error given . I have check with ACS policy no issue becuase through SSH /Telnet I am able to do all changes using same user:csm

pls suggest on same

COMMENT: BULK START

! COMMENT: Bulk request written; reading response...

! COMMENT: URL: https://172.16.10.3/config

Line# 2. (ERROR) Sent (Mon Feb 18 13:18:21 GMT+05:30 2008): access-list intdmz line 70 permit tcp host

172.16.2.141 host 172.16.8.1

Received (Mon Feb 18 13:18:21 GMT+05:30 2008): Command authorization failed

! COMMENT: Device reported error here and stopped accepting further commands

! COMMENT: BULK END

Note : I am attaching all configuration for ur reference

Preview file
23 KB
0 Helpful
2 Replies 2

ivillegas
Level 6
Level 6

‎02-22-2008 07:37 AM

Are you integrating ACS with CSM. If you are using ACS.4x version then, it has two secret keys. One is for NDG and another one is for individual devices. Of the two,NDG secret key gets higher preference. so please check if NDG secret key is

identical with your CSM server secret key.

0 Helpful

sachin.sg
Level 1
Level 1
In response to ivillegas

‎02-27-2008 09:01 AM

Thanks for replying

I have not integrated CSM 3.1 with ACS 4.1 .I am only using acs valid user i.e csm in CSM3.1 cerdentials .

But when I am doing ssh using putty from Windows 2003 Server machine on which CSM 3.1 install , I am able to make changes , but when Depolying the policies through CSM 3.1 getting error " Command Authorization Failed"

I am able to depoly policies on Router , but failed to Deploy on PIX 6.3(5)

Pls help me out on same

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card