Yes name or default if you specify non none methods it works well.. Sent from my iPhone
On Oct 8, 2012, at 9:41 AM, Jay McMickle <[email protected]> wrote: I typically give it a specific name unless told to use the default method: *** CONFIGURE IT *** R8(config)# aaa authentication login noaaa line ! line con 0 login authentication noaaa pass cisco ! exit exit Password: R8>enable view Password: R8# *Oct 8 01:30:23.619: %PARSER-6-VIEW_SWITCH: successfully set to view 'root'. R8#conf t parser view testuser secret ipexpert commands exec include configure terminal commands exec include all interface commands exec include all show *** TEST IT *** R7#telnet 150.100.78.8 Trying 150.100.78.8 ... Open ! Username: testuser Password: R8>config t (notice enable isn’t needed) Enter configuration commands, one per line. End with CNTL/Z. R8(config)>do sh run Building configuration... Current configuration : 190 bytes ! <OMITTED> Regards, Jay McMickle- 3x CCNP (R&S,Security,Design), CCIE #35355 (R&S) From: Kingsley Charles <[email protected]> To: GuardGrid <[email protected]> Cc: ccie_security <[email protected]> Sent: Sunday, October 7, 2012 9:43 PM Subject: Re: [OSL | CCIE_Security] Role Based CLI Configure the CLI view and then enable the default method. With regards Kings CCNA,CCSP,CCNP,CCIP,CCIE 35914 (Security) On Mon, Oct 8, 2012 at 3:47 AM, GuardGrid <[email protected]> wrote: It looks like when you enable aaa and then set the default method to none, so that we do not accidentally do not lock the console access and proceed to configuring the view by entering the "enable view" command you get this below error message. *Oct 7 18:08:39.990: %AAA-6-USER_BLOCKED: Enable view requires to be authenticated by non-none methods,Please use the appropriate method with the login authentication If I remove the default none command from global config it seems to work fine. So with role based CLI, if we are configuring the views from the console do we not set anything for console or use the local or line? -Srikant _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit http://www.ipexpert.com/ Are you a CCNP or CCIE and looking for a job? Check out http://www.platinumplacement.com/ _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
