[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 266
  • Last Modified:

how to create usernames in pix /asa

I did the username <user> password <oass> privilege level, but I can't log in remotely with these users. Whats wrong
0
dissolved
Asked:
dissolved
  • 4
  • 3
1 Solution
 
Voltz-dkCommented:
It doesn't ask you for a username at login?
You need to enable aaa... like

aaa authentication telnet console LOCAL
(there are several options to enable it on, like ssh, http, serial, enable)
0
 
dissolvedAuthor Commented:
hmm well that may not work. If it needs AAA, hows that going to work with our remote access users? They authenticate into a radius server
0
 
Voltz-dkCommented:
But that would be bound to some VPN profile, and does not conflict with this.  You could even have a 2nd RADIUS server used for admin access.
0
Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

 
dissolvedAuthor Commented:
Ok cool. How do I set it up my man
0
 
Voltz-dkCommented:
Which one of'em?  Local users or a 2nd RADIUS?  For Local users the former posts shows..
What software version are you running?
0
 
dissolvedAuthor Commented:
in order to go into enable mode, the user must know the enable password right? Is there anyway to make users , with priv 15, who can go into enable mode with their own password
0
 
Voltz-dkCommented:
Yes, but I believe you have to choose.  That is either you use enable password, or they their own.  Not a mix.

aaa authentication enable console LOCAL
---
Depending on version it might behave differently.. I think in older versions you must use the login command to get to enable.
In any case it has a tendency to ask for both username & password again. (When using local db, if using RADIUS it only asks for password).

I have also seen it only ask for password right after using ssh, but if you then disable and enable again it will ask for user too.. how consistent :)
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now