[rancid] ASA IOS 9.8(2) support?

Bob Brunette Bob.Brunette at cdw.com
Mon Sep 11 18:09:07 UTC 2017

If you're authenticating to a server, you can use this to skip the enable:

aaa authorization exec authentication-server auto-enable

For both this and the 'LOCAL' version, remember to change the autoenable value to '1' in your .cloginrc file.


On 9/11/17, 12:17 PM, "Rancid-discuss on behalf of Ryan West" <rancid-discuss-bounces at shrubbery.net on behalf of rwest at zyedge.com> wrote:

    On Mon, Sep 11, 2017 at 01:47:38, Wayne Eisenberg wrote:
    > Subject: [rancid] ASA IOS 9.8(2) support?
    > Hi,
    > I have an ASA firewall running version 9.8(2), and the clogin script 
    > is missing something in the sequence such that I don't get to the 
    > enable mode properly.
    Hi Wayne,
    Try this -
    no aaa authentication login-history
    The alternative is that clogin itself needs to be updated to ignore the new : that shows up in the login banner.  And yet another alternative is this -
    aaa authorization exec LOCAL auto-enable
    That assumes you are using the local database and that the user has exec privs, but it skips the need for enable and behaves like more like a router.
    Rancid-discuss mailing list
    Rancid-discuss at shrubbery.net

More information about the Rancid-discuss mailing list