Re: ASA Authorization exec, is it possible ?

Aaa author exec will keep local users that are only the service-type
remote-access from getting a nas prompt.

On Mar 30, 2010, at 9:29 AM, Ryan West <rwest_at_zyedge.com> wrote:

> Edouard,
>
>> -----Original Message-----
>> Sent: Tuesday, March 30, 2010 9:04 AM
>> To: Ryan West; security_at_groupstudy.com
>> Cc: ccielab_at_groupstudy.com
>> Subject: Re: ASA Authorization exec, is it possible ?
>>
>> Thanks a lot Ryan,
>>
>> So, what is this command for :
>>
>> "aaa authorization exec authentication-server"
>>
>
> To be honest, I have not seen this command before, but after a
> little testing, it seems to be the same as typing
>
> aaa authentication enable console LOCAL
>
> Assuming you are running local authentication and have set your
> admin users to priv 15. I'll test this out with TACACS later as it
> simplifies my configs a little. I want to see if it will follow the
> fall-back method as well.
>
> -ryan

Blogs and organic groups at http://www.ccie.net
Received on Tue Mar 30 2010 - 12:12:52 ART