EasyManuals Logo

Cisco 5510 - ASA SSL / IPsec VPN Edition Configuration Guide

Cisco 5510 - ASA SSL / IPsec VPN Edition
1822 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #694 background imageLoading...
Page #694 background image
32-22
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 32 Configuring Management Access
Configuring AAA for System Administrators
show pager
clear pager
quit
show version
Enabling TACACS+ Command Authorization
Before you enable TACACS+ command authorization, be sure that you are logged into the adaptive
security appliance as a user that is defined on the TACACS+ server, and that you have the necessary
command authorization to continue configuring the adaptive security appliance. For example, you
should log in as an admin user with all commands authorized. Otherwise, you could become
unintentionally locked out.
Detailed Steps
Step 1 To perform command authorization using a TACACS+ server, go to Configuration > Device
Management > Users/AAA > AAA Access > Authorization, and check the Enable authorization for
command access > Enable check box.
Step 2 From the Server Group drop-down list, choose a AAA server group name.
Step 3 (Optional) you can configure the adaptive security appliance to use the local database as a fallback
method if the AAA server is unavailable. Click the Use LOCAL when server group fails check box.
We recommend that you use the same username and password in the local database as the AAA server
because the adaptive security appliance prompt does not give any indication which method is being used.
Be sure to configure users in the local database (see the Adding a User Account” section on page 31-18)
and command privilege levels (see the “Configuring Local Command Authorization” section on
page 32-15).
Step 4 Click Apply.
Configuring Management Access Accounting
You can configure accounting when users log in, when they enter the enable command, or when they
issue commands.
Prerequisites
You can only account for users that first authenticate with the adaptive security appliance, so configure
authentication using the “Configuring Authentication for CLI, ASDM, and enable command Access”
section on page 32-11.
For information about configuring a AAA server group, see the “Configuring AAA Server Groups”
section on page 31-8. For CLI access, you can use TACACS+ or RADIUS servers. For command
accounting, you can only use TACACS+ servers.
Detailed Steps

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Cli Configuration Guide
Cli Configuration Guide2164 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals