Guys,
I'm pulling my hair not understanding why it happens.
The user (priv 15) is assigned a set of commands which are as follows:
Show permit ver (no permit unmatched arguments)
Show permit proc cpu (no permit unmatched arguments)
Configure permit terminal (no permit unmatched arguments)
Subject: Re: [OSL | CCIE_Security] Commands authorization with TACACS
Eugene
Have you enabled cmd authorization for level 1 (globally and under VTY) ?
Regards,
--
Piotr Kaluzny
CCIE #25665 (Security), CCSP, CCNP
Sr. Support Engineer - IPexpert, Inc.
URL: http://www.IPexpert.com
On Sun, Jul 29, 2012
: Re: [OSL | CCIE_Security] Commands authorization
Thanks, pal.
Yeah... I realize it now.
Just to recap. I did commands authorization two ways.
First was assigning a user priv 15 level via TACACS and assigning him a certain
commands set. The attempt to run the unassigned command ended up in Command
-commands and deny it on the tacacs.
Mike
From: eug...@koiossystems.com
To: walleed...@hotmail.com; ccie_security@onlinestudylist.com
Date: Sun, 8 Jul 2012 18:03:17 +
Subject: Re: [OSL | CCIE_Security] Commands authorization
Sorry for coming back to the same topic again.
Now I have
From: Mike Rojas [mailto:mike_c...@hotmail.com]
Sent: Sunday, July 08, 2012 11:08 AM
To: Eugene Pefti; walleed...@hotmail.com; ccie_security@onlinestudylist.com
Subject: RE: [OSL | CCIE_Security] Commands authorization
The command hostname is being denied on the tacacs?
This looks fine:
privilege
Folks,
I'm honing my skills in commands authorization and ran into something that put
me on guard.
I have a number of commands defined in a command authorization set and the
router and TACACS user settings are configured for a particular privilege level.
When I run the command that is not
:26 +
Subject: [OSL | CCIE_Security] Commands authorization
Folks,
I’m honing my skills in commands authorization and ran into something that put
me on guard.
I have a number of commands defined in a command authorization set and the
router and TACACS user settings are configured
' [mailto:walleed...@hotmail.com]
Sent: Friday, July 06, 2012 8:35 PM
To: Eugene Pefti; CCIE Security
Subject: RE: [OSL | CCIE_Security] Commands authorization
you have to check what you configured for commands authorization and for exec
authorization ,
you will have this message
% Invalid input