I'm trying to set up authorization for my routers with Cisco ACS 3.0 and I keep locking myself out :-) Here's what I'm typing in:
aaa authentication login default tacacs+ aaa authentication login NO_AUTHENT none username router password letmein aaa authorization commands 15 default tacacs+ aaa authorization exec default tacacs+ aaa authorization exec NO_AUTHOR none aaa authorization commands 15 NO_AUTHOR none ip http server ip http authentication tacacs ip tacacs source-interface Serial 0 tacacs-server host 192.168.252.51 tacacs-server key cisco This is the error I get when I try and do anything: 'Command authorization failed.' It actually errors at the first authorization line. I think I'm missing something on the ACS server, but I can find anything. I'm mapping a group from WIN2K if that makes a difference and I can authenticate just fine. Do I need to make a change in the group on the server? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37911&t=37911 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
