Firewall Wizards mailing list archives

RE: Privileged mode access in a Pix


From: "Sonya Gilly" <sgilly () servicom2000 com>
Date: Tue, 19 Jun 2001 08:56:22 +0200

We are using TAC_PLUS from Cisco and we have defined different user
profiles. The problem is that I can't configure the privileged level 15 and
access directly to the enable mode.

All this is because there are users that can't know the enable password. In
routers, they access with privileged level 15 directly to the privileged
mode, and they can only type the commands specified in the TACACS. But in
the PIX, they only have access to the unprivileged mode, so they can't do
anything without the enable password.

Do you know if it is possible with a Pix?

Thanks in advance,
Sonya

-----Original Message-----
From: Yang Lee [mailto:ylee () net50 com]
Sent: Tuesday, June 19, 2001 3:49
To: sgilly () servicom2000 com
CC: firewall-wizards () nfr com
Subject: Re: [fw-wiz] Privileged mode access in a Pix


Modify the account user profile in the tacacs+ server. What kind of tacacs+
server are you using, by the way?


I'm trying to configure authorization in a Pix. I have the following
commands in a Cisco router, but I haven't found the equivalent in the Pix
configuration:

aaa authorization exec default tacacs+ if-authenticated
aaa authorization commands 15 default tacacs+ if-authenticated

I would like to access the Pix directly in privileged mode through SSH,
and limiting the enabled commands for different users in the TACACS+
server.

Do you know if this is possible in a Pix?   (The firewall version is
5.3.1)

Thanks in advance,
Sonya

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards


