Re: [fw-wiz] Login straight to priv mode in PIX with TACACS server
- From: John Morrison <john.morrison101@xxxxxxxxxxxxxx>
- Date: Fri, 12 Feb 2010 08:33:06 +0000
Michel,
If you set the PIX to use tacacs+ and then local it will use local if
it cannot contact the TACACS+ server, The easiest way to make sure it
cannot contact the TACACS+ server is to remove the network cables.
On 6 February 2010 15:32, Michel Ferreira <michelf@xxxxxxxxx> wrote:
Hi,_______________________________________________
I've successfully configured my PIX 506E (6.3) to authenticate with my
TACACS+ Server (ACS 4.1), however I want to know if there's any way to
put the user straight in priv mode (enable) just after login, without
the need to input the 'enable' command.
I'm questioning this because I don't want to include the "aaa
authentication enable console tacacs+ LOCAL" command, since with this
command if I need console access I still will be authenticating
against the TACACS+ server, which, in a emergency situation (like one
that i need to physically connect a console cable to the firewall)
I'll be using the remote authentication, and I don't want that.
Thanks for your considerations,
Michel
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- [fw-wiz] Login straight to priv mode in PIX with TACACS server
- From: Michel Ferreira
- [fw-wiz] Login straight to priv mode in PIX with TACACS server
- Prev by Date: [fw-wiz] Login straight to priv mode in PIX with TACACS server
- Next by Date: [fw-wiz] Inline 2 port POE Firewall
- Previous by thread: [fw-wiz] Login straight to priv mode in PIX with TACACS server
- Next by thread: [fw-wiz] Inline 2 port POE Firewall
- Index(es):
Relevant Pages
|
