[Dev] Cisco Pix adaptor failed to retrieve configuration because of TACACS+ server.
Ryan Kruse
rkruse at alterpoint.com
Thu Mar 20 12:59:15 CDT 2008
Hi PingShan Li,
Can you just login to the device directly with your "james" account? That would require no adapter modification.
It seems as though you've setup TACACS+ to deny the "enable" command for the "testUser" so you just login with your "james" account that gets you right to priv 15 (enable) mode. Please correct me if I'm wrong.
-Ryan
________________________________
From: dev-bounces at ziptie.org [mailto:dev-bounces at ziptie.org] On Behalf Of PingShan Li
Sent: Thursday, March 20, 2008 9:48 AM
To: dev at ziptie.org
Subject: [Dev] Cisco Pix adaptor failed to retrieve configuration because of TACACS+ server.
Cisco Pix adaptor failed to retrieve configuration because of TACACS+ server.
The pix device is configured to use TACACS+ server, when the user types enable command, "Command authorization failed" is replied. The attched file handles this situation, but it can be improved to try to send enable command first, then try to send login command if enable failed.
Please review the changes.
Thanks
PingShan Li
User Access Verification
Username: testUser
Password: ********
Type help or '?' for a list of available commands.
fnkc-isofw> enable
Command authorization failed
fnkc-isofw>
fnkc-isofw>
fnkc-isofw> enable
Command authorization failed
fnkc-isofw>
fnkc-isofw>
fnkc-isofw> login
Username: james
Password: ********
fnkc-isofw#
fnkc-isofw#
fnkc-isofw#
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ziptie.org/pipermail/dev/attachments/20080320/2dbfaea9/attachment.html
More information about the Dev
mailing list