this is a config that I have used - it works for both console and vty -
router is a cisco 3660. Before I implemented this, there was a vty password
which was removed when the above commands were entered. For he 2600's, the
"group" option is not needed
aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization config-commands
aaa authorization exec default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
tacacs-server host x.x.x.x
tacacs-server key xxxxx
line con 0
exec-timeout 0 0
transport input none
line aux 0
line vty 0 4
exec-timeout 0 0
Regards
Andrew Larkins
CCNA
-----Original Message-----
From: Jens Krey [mailto:[EMAIL PROTECTED]]
Sent: 05 September 2000 13:41
To: [EMAIL PROTECTED]
Subject: tacacs+ authentication don�t work on console
Importance: High
Hi,
could anyone write why the tacacs+ authentication don�t work on my
console ? I only have privilege modus 1 and cannot change in the
enable-modus.
On the vty-line it works fine.
"telnet" is a name that i have set.
best regards
Jens
aaa new-model
aaa authentication login telnet tacacs+ local
aaa authentication enable default tacacs+ enable
aaa authorization exec default tacacs+ if-authenticated
!
line con 0
login authentication telnet
!
line vty 0 4
login authentication telnet
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
