Solved

ACServer 4.1 can't get enable access via telnet/ssh now?

Posted on 2010-09-12
1
1,614 Views
Last Modified: 2012-08-13
Hello,
  I just implimented a ACServer 4.1 on my network. I am using an ASA 5520 with TACACS+ authentication. I did something recently and now I can't authenticate to get to enable access via telnet/ssh. I have ACServer querying active directory to authenticate my users.

here's what I know. My AD account is a domain admin. I was previously setup correctly so that I can get into the device via telnet/ssh/asdm. I am able to connect with full access to the ASDM using my AD username and password. I am not setup as a local user on the ASA. I am able to actually log into the ASA via telnet/ssh but when I use the enable command I get a password box. I used to use my AD password and was able to get in but not it won't let me. I also tried a local user on the ASA and same thing. ON the ACServer under reports and activity - failed attempts - I see the following errror in regards to my enable attempt.

ACS password invalid.

I've tried every password imaginable! where should I look?


Could this have anythign to do with it? Privlege level 0 on the enable access?
 ASDM
0
Comment
Question by:jbla9028
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 1

Accepted Solution

by:
jbla9028 earned 0 total points
ID: 33657253
disregard. I figured it out. under the ACS under the user there's an option list as TACACS+ Enable password for some reason it got changed for all users to use sperate passwrod it should be on use external databse password - windows database.

0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question