We have one PIX 515E with latest image and one ACS 3.0.2.
We would like to limit which netadmin may use which command on PIX.
We have created the user accounts on ACS, and AUTHENTICATION is working fine. Under user Advanced TACACS+ properties > "PIX Command Authorization Set", we've seleted "Assign a PIX Command Authorization Set for any network device" and picked an already defined "PIX command authorization set" called "com1".
As soon as I enter "aaa authorization command TACACS+" on PIX, I cannot execute anymore commands and I get "Command authorization failed".
On the ACS "Failed attempts" log, I get "11/12/2002 07:50:04 Author failed u20 Default Group 0.0.0.0 .. Command unknown service=shell cmd=quit 0 10.1.1.1"
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...