?
Solved

ACServer 4.1 can't get enable access via telnet/ssh now?

Posted on 2010-09-12
1
Medium Priority
?
1,617 Views
Last Modified: 2012-08-13
Hello,
  I just implimented a ACServer 4.1 on my network. I am using an ASA 5520 with TACACS+ authentication. I did something recently and now I can't authenticate to get to enable access via telnet/ssh. I have ACServer querying active directory to authenticate my users.

here's what I know. My AD account is a domain admin. I was previously setup correctly so that I can get into the device via telnet/ssh/asdm. I am able to connect with full access to the ASDM using my AD username and password. I am not setup as a local user on the ASA. I am able to actually log into the ASA via telnet/ssh but when I use the enable command I get a password box. I used to use my AD password and was able to get in but not it won't let me. I also tried a local user on the ASA and same thing. ON the ACServer under reports and activity - failed attempts - I see the following errror in regards to my enable attempt.

ACS password invalid.

I've tried every password imaginable! where should I look?


Could this have anythign to do with it? Privlege level 0 on the enable access?
 ASDM
0
Comment
Question by:jbla9028
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 1

Accepted Solution

by:
jbla9028 earned 0 total points
ID: 33657253
disregard. I figured it out. under the ACS under the user there's an option list as TACACS+ Enable password for some reason it got changed for all users to use sperate passwrod it should be on use external databse password - windows database.

0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question