[OSL | CCIE_Security] Commands authorization with TACACS

2012-07-29 Thread Eugene Pefti
Guys, I'm pulling my hair not understanding why it happens. The user (priv 15) is assigned a set of commands which are as follows: Show permit ver (no permit unmatched arguments) Show permit proc cpu (no permit unmatched arguments) Configure permit terminal (no permit unmatched arguments)

Re: [OSL | CCIE_Security] Commands authorization with TACACS

2012-07-29 Thread Eugene Pefti
Subject: Re: [OSL | CCIE_Security] Commands authorization with TACACS Eugene Have you enabled cmd authorization for level 1 (globally and under VTY) ? Regards, -- Piotr Kaluzny CCIE #25665 (Security), CCSP, CCNP Sr. Support Engineer - IPexpert, Inc. URL: http://www.IPexpert.com On Sun, Jul 29, 2012

Re: [OSL | CCIE_Security] Commands authorization

2012-07-08 Thread Eugene Pefti
: Re: [OSL | CCIE_Security] Commands authorization Thanks, pal. Yeah... I realize it now. Just to recap. I did commands authorization two ways. First was assigning a user priv 15 level via TACACS and assigning him a certain commands set. The attempt to run the unassigned command ended up in Command

Re: [OSL | CCIE_Security] Commands authorization

2012-07-08 Thread Mike Rojas
-commands and deny it on the tacacs. Mike From: eug...@koiossystems.com To: walleed...@hotmail.com; ccie_security@onlinestudylist.com Date: Sun, 8 Jul 2012 18:03:17 + Subject: Re: [OSL | CCIE_Security] Commands authorization Sorry for coming back to the same topic again. Now I have

Re: [OSL | CCIE_Security] Commands authorization

2012-07-08 Thread Eugene Pefti
From: Mike Rojas [mailto:mike_c...@hotmail.com] Sent: Sunday, July 08, 2012 11:08 AM To: Eugene Pefti; walleed...@hotmail.com; ccie_security@onlinestudylist.com Subject: RE: [OSL | CCIE_Security] Commands authorization The command hostname is being denied on the tacacs? This looks fine: privilege

[OSL | CCIE_Security] Commands authorization

2012-07-06 Thread Eugene Pefti
Folks, I'm honing my skills in commands authorization and ran into something that put me on guard. I have a number of commands defined in a command authorization set and the router and TACACS user settings are configured for a particular privilege level. When I run the command that is not

Re: [OSL | CCIE_Security] Commands authorization

2012-07-06 Thread waleed '
:26 + Subject: [OSL | CCIE_Security] Commands authorization Folks, I’m honing my skills in commands authorization and ran into something that put me on guard. I have a number of commands defined in a command authorization set and the router and TACACS user settings are configured

Re: [OSL | CCIE_Security] Commands authorization

2012-07-06 Thread Eugene Pefti
' [mailto:walleed...@hotmail.com] Sent: Friday, July 06, 2012 8:35 PM To: Eugene Pefti; CCIE Security Subject: RE: [OSL | CCIE_Security] Commands authorization you have to check what you configured for commands authorization and for exec authorization , you will have this message % Invalid input