1-31
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Management Access
Configuring AAA for System Administrators
To configure management access and enable command accounting, perform the following steps:
Detailed Steps
Viewing the Currently Logged-In User
To view the current logged-in user, enter the following command:
hostname# show curpriv
The following is sample output from the show curpriv command:
hostname# show curpriv
Username: admin
Current privilege level: 15
Current Mode/s: P_PRIV
Table 1-1 describes the show curpriv command output.
Command Purpose
Step 1
aaa accounting {serial | telnet | ssh |
enable} console server-tag
Example:
hostname(config)# aaa accounting telnet
console group_1
Enables support for AAA accounting for administrative access.
Valid server group protocols are RADIUS and TACACS+.
Step 2
aaa accounting command [privilege level]
server-tag
Example:
hostname(config)# aaa accounting command
privilege 15 group_1
Enables command accounting. Only TACACS+ servers support
command accounting.
Where privilege level is the minimum privilege level and
server-tag is the name of the TACACS+ server group to which
the ASA should send command accounting messages.
Table 1-1 show curpriv Command Output Description
Field Description
Username Username. If you are logged in as the default user, the name is enable_1 (user
EXEC) or enable_15 (privileged EXEC).
Current privilege level Levels range from 0 to 15. Unless you configure local command authorization
and assign commands to intermediate privilege levels, levels 0 and 15 are the
only levels that are used.
Current Mode/s The available access modes are the following:
• P_UNPR—User EXEC mode (levels 0 and 1)
• P_PRIV—Privileged EXEC mode (levels 2 to 15)
• P_CONF—Configuration mode
To Next Page
Loading...
Need help?
General