Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
Certification Preparation
Cisco
CCNP (Professional)
Read only ASDM with Tacacs+
sucanushie
I'm trying to give access to some users on my ASA's via Tacacs+ on our ACS
On the ACS I did the following
-Added ASA to the ACS
-Created User
-Created Shell profile giving Priv 5
-Created a command set for all commands
-Created auth profile for said user with the shell profile and all commands, command set.
On the ASA I set up AAA authentication and authorization for HTTP then used the predefined user roles which sets Priv 5 as read only.
When I log in I can make changes on the config menu.
If I change the AAA to the local DB and create a user with Priv 5 it works as expected. I can get to the config menu but when I apply changes it says I don't have rights to do so.
When I do a a curpriv from ASDM on both the local account and the tacacs account they show as priv level 5.
I'm not sure what I'm missing.
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
Hondabuff
Have you tried using this line yet?
aaa authorization exec default group tacacs+ local
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
