Re: ASA aaa configuration and ACS options? from S Malik on 2010-11-02 (Ccielab archives 11/2010)

From: S Malik <ccie.09_at_gmail.com>
Date: Tue, 2 Nov 2010 11:13:33 -0400

Jay,

It guess you don't follow this forum regularly. This forum has changed from
a CCIE related questions answer forum to a great professional forum as well.

I am not denying its primary purpose but it has become more than a
traditional CCIE forum and there are many good folks here who are always
there to assist any one who needs.

Anyway, I prefer, non CCIE related questions be marked as OT in the subject
line.

On Mon, Nov 1, 2010 at 11:25 AM, Jay McMickle <jay.mcmickle_at_yahoo.com>wrote:

> This really isn't the forum for striaght configuration setup, but this will
> get
> you started.
>
> aaa authentication enable console myACSserver LOCAL
> aaa
> authentication http console myACSserver LOCAL
> aaa authentication ssh console
> myACSserver LOCAL
> aaa authorization command myACSserver LOCAL
>
> aaa-server
> myACSserver protocol tacacs+
> reactivation-mode depletion deadtime 1
> aaa-server myACSserver (inside) host 1.1.1.1
> timeout 3
> key *****
>
> username
> test password test priv 15
>
> Make sure to put the "LOCAL" at the end so that it
> will fallback to local auth
> in the event your TACACS server is unreachable.
>
> Regards,
> Jay McMickle- CCNP, CCSP, CCDP, MCSE
> http://mycciepursuit.wordpress.com/
>
>
>
>
>
> ________________________________
> From: Adil Pasha <aspasha_at_gmail.com>
> To: Cisco certification
> <ccielab_at_groupstudy.com>
> Sent: Sat, October 30, 2010 3:58:48 PM
> Subject: ASA
> aaa configuration and ACS options?
>
> Could someone please let me know the
> configuration to configure "aaa command
> authorization" on ASA and
> configuration ACS to make the user login work?
>
>
>
> I tried everything and
> checked google.com but found nothing.
>
>
>
> I must be doing something wrong
> therefore I get the following error and ACS
> logs shows that ASA is looking for
> "enable_15". It is documented in any
> Cisco ASA docs?
>
>
>
> ASA-GNS3Lab(config)#
> aaa authorization command myACSserver LOCAL
>
> ASA-GNS3Lab(config)# exit
> Command authorization failed
>
> ASA-GNS3Lab(config)# exit
>
> Command authorization
> failed
>
> ASA-GNS3Lab(config)#
>
>
>
>
>
> Please let me know what I must be doing
> wrong?
>
>
>
>
>
> Best Regards.
>
>
>
> Adil.
>
>
> Blogs and organic groups at
> http://www.ccie.net
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Tue Nov 02 2010 - 11:13:33 ART

This archive was generated by hypermail 2.2.0 : Sun Dec 05 2010 - 22:14:55 ART