ASA privileges 15 authentication through ACS

Status
Not open for further replies.

asidko

ISP
Apr 6, 2010
1
CA
Hi.

When I log in via ssh/telnet to an ASA configured with

aaa-server ACS-Servers protocol radius
aaa-server ACS-Servers (outside) host xxx.xxx.xxx.xxx

I do not get privilege level 15 as I should. I have to execute the "enable" command explicitly. Then the prompt changes and privileged commands work.

On IOS routers this works as expected, i.e. the SSH login directly gives me a privileged prompt.

Am I doing something wrong? Is that a known bug/feature?
 
Are you doing the login authentication via the ACS, or is the default internal database on the ASA being used? If you are using ACS and have enabled authorization on the ASA, then you need to configure it on ACS. If you are logged in via the local ASA database, then give privilege 15 to the user which you are using for the SSH login.

Thanks,
Mustafa Gangardiwala

Mustafa Gangardiwala
CCIE-Security # 16253, CISA
CISM,CISSP,INFOSEC, MCSE, CNE
 