Read-Only user in ASDM

Hi to all,

I have one user with read-only privileges (level 5). When I try to access the device via ASDM, the launcher opens the dashboard, but when ASDM is parsing the configuration, the application asks me for the credentials one more time. If I use the read-only user, the authentication doesn't work; if I use the admin user, I can see the config but I can't modify it. Is there any way to enter with the level 5 user only?

Thanks in advance

Regards
David.


alpaezca
Cisco Employee

Hello David,

What is the AAA configuration on the ASA?

Hi Alejandra,

I don't know if this helps you... When I try to access via ASDM, the ASA answers: "You are not allowed to modify ASA configuration, because you do not have sufficient privileges." Then the ASA asks me for the network password. So if I enter the admin password I can see the config; if I use the RO user, the ASA doesn't grant access.

I'm trying to solve this by configuring the following command: "privilege show level 5 mode exec command asdm". Is this command correct?

The AAA configuration is as follows:

aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server RADIUS (inside) host Radius
aaa-server ACS protocol radius
aaa-server ACS (inside) host 172.X.X.220
aaa-server ACS_V5 protocol radius
aaa-server ACS_V5 (inside) host 172.X.X.65
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
aaa authorization command LOCAL
    a09c9bfd 3da0cbb6 b24c3a63 4439dcf5 151d742b aaa8a754 c72e3325 92920de7
 authentication aaa certificate
 authentication aaa certificate
 authentication aaa certificate
 authentication aaa certificate
privilege show level 3 mode exec command aaa-server
privilege show level 3 mode exec command aaa
privilege show level 3 mode configure command aaa-server
privilege show level 3 mode configure command aaa
privilege clear level 3 mode exec command aaa-server
privilege clear level 3 mode configure command aaa-server

Thanks in advance!!!

Regards,
David.

Hello David,

I can see you are using local authentication for SSH and Telnet, but you would need to add http authentication as well.

aaa authentication http console LOCAL

Let me know your comments
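
An added example, not part of the original thread: this Python script parses the AAA and privilege lines from the configuration David posted (copied into `SAMPLE`) and reports which management channels have no `aaa authentication ... console` line and which privilege levels have commands assigned. The function name `audit` and the channel list are assumptions of the example.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the configuration posted in this thread.
SAMPLE = """\
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
aaa authorization command LOCAL
privilege show level 3 mode exec command aaa-server
privilege show level 3 mode exec command aaa
privilege show level 3 mode configure command aaa-server
privilege show level 3 mode configure command aaa
privilege clear level 3 mode exec command aaa-server
privilege clear level 3 mode configure command aaa-server
"""

AUTH_RE = re.compile(r"^aaa authentication (\S+) console (\S+)")
AUTHZ_RE = re.compile(r"^aaa authorization command (\S+)")
PRIV_RE = re.compile(
    r"^privilege(?: (\w+))? level (\d+)(?: mode (\S+))? command (.+)$")


def audit(config, channels=("ssh", "telnet", "http")):
    """Summarise management-access AAA settings found in an ASA config."""
    auth, authz, priv = {}, None, defaultdict(list)
    for line in config.splitlines():
        line = line.strip()
        if m := AUTH_RE.match(line):
            auth[m.group(1)] = m.group(2)        # channel -> server group
        elif m := AUTHZ_RE.match(line):
            authz = m.group(1)                   # command authorization source
        elif m := PRIV_RE.match(line):
            kind, level, mode, cmd = m.groups()
            priv[int(level)].append((kind or "all", mode or "all", cmd))
    # Channels (ASDM uses http) with no console authentication line at all.
    missing = [c for c in channels if c not in auth]
    return {"auth": auth, "command_authorization": authz,
            "missing_channels": missing, "privilege": dict(priv)}


if __name__ == "__main__":
    report = audit(SAMPLE)
    print("console authentication:", report["auth"])
    print("command authorization: ", report["command_authorization"])
    print("channels without AAA:  ", report["missing_channels"])
    for level, entries in sorted(report["privilege"].items()):
        print(f"level {level}: {len(entries)} command(s) assigned")
```
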

Hi Alejandra,

I have tested this command but it doesn't solve my problem. The ASA keeps asking me for the credentials and, if I use the level 5 user, the ASA doesn't let me see the device configuration.

Can you help me???

Thanks in advance.

Regards.

David.

David,

Can you please send me the output of the command: show running | inc privileges
