This really isn't the forum for striaght configuration setup, but this will
get
you started.
aaa authentication enable console myACSserver LOCAL
aaa
authentication http console myACSserver LOCAL
aaa authentication ssh console
myACSserver LOCAL
aaa authorization command myACSserver LOCAL
aaa-server
myACSserver protocol tacacs+
reactivation-mode depletion deadtime 1
aaa-server myACSserver (inside) host 1.1.1.1
timeout 3
key *****
username
test password test priv 15
Make sure to put the "LOCAL" at the end so that it
will fallback to local auth
in the event your TACACS server is unreachable.
Regards,
Jay McMickle- CCNP, CCSP, CCDP, MCSE
http://mycciepursuit.wordpress.com/
________________________________
From: Adil Pasha <aspasha_at_gmail.com>
To: Cisco certification
<ccielab_at_groupstudy.com>
Sent: Sat, October 30, 2010 3:58:48 PM
Subject: ASA
aaa configuration and ACS options?
Could someone please let me know the
configuration to configure "aaa command
authorization" on ASA and
configuration ACS to make the user login work?
I tried everything and
checked google.com but found nothing.
I must be doing something wrong
therefore I get the following error and ACS
logs shows that ASA is looking for
"enable_15". It is documented in any
Cisco ASA docs?
ASA-GNS3Lab(config)#
aaa authorization command myACSserver LOCAL
ASA-GNS3Lab(config)# exit
Command authorization failed
ASA-GNS3Lab(config)# exit
Command authorization
failed
ASA-GNS3Lab(config)#
Please let me know what I must be doing
wrong?
Best Regards.
Adil.
Blogs and organic groups at
http://www.ccie.net
Received on Mon Nov 01 2010 - 08:25:32 ART
This archive was generated by hypermail 2.2.0 : Sun Dec 05 2010 - 22:14:55 ART