It is necessary to grant access and allow commands in TACACS, in order to run the AlgoSec Firewall Analyzer (AFA) automated collection script. What commands does AFA execute when collecting data from PIX/ASA/FWSM devices?
AFA executes the following commands:
show mode terminal pager 100
show route (when dynamic routing is used)
show ipv6 access-list (from 6.4)
show context (when security contexts are defined)