Cisco ASA 5505 Configuration Manual page 695

Asa 5500 series

Hide thumbs Also See for ASA 5505:

Getting started manual (168 pages)

Administrator's manual (118 pages)

Hardware installation manual (82 pages)

Table of Contents

Configuring Management Access

To enable accounting of users when they enter the enable command:

To enable accounting of users when they access the adaptive security appliance using Telnet, SSH, or

the serial console:

To configure command accounting:

Click Apply.

Viewing the Current Logged-In User

To view the current logged-in user, enter the following command in Tools > Command Line Interface:

show curpriv

See the following sample show curpriv command output. A description of each field follows.

show curpriv

Username : admin

Current privilege level : 15

Current Mode/s : P_PRIV

Go to Configuration > Device Management > Users/AAA > AAA Access > Accounting, and check

the Require accounting to allow accounting of user activity > Enable check box.

From the Server Group drop-down list, choose a RADIUS or TACACS+ server group name.

Under the Require accounting for the following types of connections area, check the check boxes

for Serial, SSH, and/or Telnet.

For each connection type, from the Server Group drop-down list, choose a RADIUS or TACACS+

server group name.

Under the Require command accounting area, check Enable.

From the Server Group drop-down list, choose a TACACS+ server group name. RADIUS is not

You can send accounting messages to the TACACS+ accounting server when you enter any

command other than show commands at the CLI.

If you customize the command privilege level using the Command Privilege Setup dialog box (see

"Assigning Privilege Levels to Commands and Enabling Authorization" section on page

you can limit which commands the adaptive security appliance accounts for by specifying a

minimum privilege level in the Privilege level drop-down list. The adaptive security appliance does

not account for commands that are below the minimum privilege level.

describes the show curpriv command output.

show curpriv Command Output Description

Username. If you are logged in as the default user, the name is enable_1 (user

EXEC) or enable_15 (privileged EXEC).

Configuring AAA for System Administrators

Cisco ASA 5500 Series Configuration Guide using ASDM

Show Quick Links

Chapters

Table of Contents

Asa 5510 Asa 5540 Asa 5520 Asa 5550 Asa 5580

Cisco ASA 5505 Configuration Manual page 695

Hide quick links:

Chapters

Related Manuals for Cisco ASA 5505

Related Products for Cisco ASA 5505

This manual is also suitable for:

Table of Contents