Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1629
  • Last Modified:

ACServer 4.1 can't get enable access via telnet/ssh now?

Hello,
  I just implimented a ACServer 4.1 on my network. I am using an ASA 5520 with TACACS+ authentication. I did something recently and now I can't authenticate to get to enable access via telnet/ssh. I have ACServer querying active directory to authenticate my users.

here's what I know. My AD account is a domain admin. I was previously setup correctly so that I can get into the device via telnet/ssh/asdm. I am able to connect with full access to the ASDM using my AD username and password. I am not setup as a local user on the ASA. I am able to actually log into the ASA via telnet/ssh but when I use the enable command I get a password box. I used to use my AD password and was able to get in but not it won't let me. I also tried a local user on the ASA and same thing. ON the ACServer under reports and activity - failed attempts - I see the following errror in regards to my enable attempt.

ACS password invalid.

I've tried every password imaginable! where should I look?


Could this have anythign to do with it? Privlege level 0 on the enable access?
 ASDM
0
jbla9028
Asked:
jbla9028
1 Solution
 
jbla9028Author Commented:
disregard. I figured it out. under the ACS under the user there's an option list as TACACS+ Enable password for some reason it got changed for all users to use sperate passwrod it should be on use external databse password - windows database.

0

Featured Post

The IT Degree for Career Advancement

Earn your B.S. in Network Operations and Security and become a network and IT security expert. This WGU degree program curriculum was designed with tech-savvy, self-motivated students in mind – allowing you to use your technical expertise, to address real-world business problems.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now