The information in this document was created from the devices in a specific lab environment.All of the devices used in this document started with a cleared (default) configuration.If your network is live, make sure that you understand the potential impact of any command.
aaa-server ISE protocol tacacs+ aaa-server ISE (mgmt) host 10.48.17.88 key cisco
ciscoasa# test aaa authentication ISE host 10.48.17.88 username administrator Krakow123 INFO: Attempting Authentication test to IP address <10.48.17.88> (timeout: 12 seconds) INFO: Authentication Successful
EKORNEYC-M-K04E:~ ekorneyc$ ssh email@example.com firstname.lastname@example.org's password: Type help or '?' for a list of available commands. ciscoasa# ciscoasa# configure terminal ciscoasa(config)# crypto ikev1 policy 10 ciscoasa(config-ikev1-policy)# encryption aes ciscoasa(config-ikev1-policy)# exit ciscoasa(config)# exit ciscoasa#
EKORNEYC-M-K04E:~ ekorneyc$ ssh email@example.com firstname.lastname@example.org's password: Type help or '?' for a list of available commands. ciscoasa# ciscoasa# show version | include Software Cisco Adaptive Security Appliance Software Version 9.5(1) ciscoasa# ping 22.214.171.124 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 126.96.36.199, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/30 ms ciscoasa# configure terminal Command authorization failed ciscoasa# traceroute 188.8.131.52 Command authorization failed