Hi all If the router is configured for exec authorization and shell (exec) is not enabled in the user account in the TACACS server (ACS server), the authorization fails. .
But, I wonder why it has been has been decided to reject the user login. I agree, the user doesn't have shell privilege but still he/she can be given priv 0 access as the user has the passed the authenticated If the user needs privilege access, he/she can use enable password to get in. aaa authentication login auth group tacacs+ aaa authorization exec athr group tacacs+ line vty 0 4 authorization exec athr login authentication auth Any thoughts? With regards Kings
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
