ASA Radius Authentication section 4 Technologies Lab Workbook

Dears,

Please note that i followed the steps in the workbook for the section 4 ASA Radius Authentication. My problem is when i put the username/password, everything works fine but when i enter the command "enable", i have to put the user password instead of the user enable password. Is there anything wrong in the workbook correction or this is the behavior of the ASA?

Please advise.

Comments

  • Dears,

    I found that with RADIUS protocol, and the enable password can only be used with TACACS+.

    Thank you :)

  • Hi,

       Yes, in the old 3.x, 4.x ACS version, it was named TACACS+ enable password in the GUI, now it's only enable password, but yes, it works only with TACACS, because RADIUS has no attributes to signal to ACS that it needs to authenticate using the enable password, and Cisco did not implemented it using AV pairs because you are supposed to use TACACS for device administration, not RADIUS.

    Regards,

    Cristian.

  • Thank you Cristian for the valuable information :)


    On Thu, Feb 20, 2014 at 9:51 AM, cristian.matei <[email protected]> wrote:

    Hi,

       Yes, in the old 3.x, 4.x ACS version, it was named TACACS+ enable password in the GUI, now it's only enable password, but yes, it works only with TACACS, because RADIUS has no attributes to signal to ACS that it needs to authenticate using the enable password, and Cisco did not implemented it using AV pairs because you are supposed to use TACACS for device administration, not RADIUS.

    Regards,

    Cristian.




    INE - The Industry Leader in CCIE Preparation

    http://www.INE.com



    Subscription information may be found at:

    http://www.ieoc.com/forums/ForumSubscriptions.aspx

Sign In or Register to comment.