EasyManuals Logo

Cisco 5510 - ASA SSL / IPsec VPN Edition Configuration Guide

Cisco 5510 - ASA SSL / IPsec VPN Edition
1822 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #688 background imageLoading...
Page #688 background image
32-16
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 32 Configuring Management Access
Configuring AAA for System Administrators
Default Command Privilege Levels, page 32-16
Assigning Privilege Levels to Commands and Enabling Authorization, page 32-17
Viewing Command Privilege Levels, page 32-18
Local Command Authorization Prerequisites
Complete the following tasks as part of your command authorization configuration:
Configure enable authentication. (See the “Configuring Authentication for CLI, ASDM, and enable
command Access” section on page 32-11.)
enable authentication is essential to maintain the username after the user accesses the enable
command.
Alternatively, you can use the login command (which is the same as the enable command with
authentication; for the local database only), which requires no configuration. We do not recommend
this option because it is not as secure as enable authentication.
You can also use CLI authentication, but it is not required.
See the following prerequisites for each user type:
Local database users—Configure each user in the local database at a privilege level from 0 to 15.
To configure the local database, see the Adding a User Account” section on page 31-18.
RADIUS users—Configure the user with Cisco VSA CVPN3000-Privilege-Level with a value
between 0 and 15.
LDAP users—Configure the user with a privilege level between 0 and 15, and then map the
LDAP attribute to Cisco VAS CVPN3000-Privilege-Level according to the “Configuring LDAP
Attribute Maps” section on page 31-22.
Default Command Privilege Levels
By default, the following commands are assigned to privilege level 0. All other commands are at
level 15.
show checksum
show curpriv
enable
help
show history
login
logout
pager
show pager
clear pager
quit
show version
If you move any configure mode commands to a lower level than 15, be sure to move the configure
command to that level as well, otherwise, the user will not be able to enter configuration mode.
To view all privilege levels, see the “Viewing Command Privilege Levels” section on page 32-18.

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Cli Configuration Guide
Cli Configuration Guide2164 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals