01-04-2008 11:20 AM - edited 03-10-2019 03:35 PM
I have set up my RSA RADIUS server to authenticate logins to my Cisco device(s). And, I have managed to limit which users can login (by assigning them to a Group in RSA and then Activating that group on the router Agent Host). Works fine.
The last thing I'd like to get is for the authenticated user to go directly to EXEC mode (enabled). Right now the user has to do "en" and enter the enable password/secret.
Anybody know how to do this? Thanx in advance.
Paul
01-04-2008 12:10 PM
line vty 0 4
privilege level 15
Here is an example:
[root@Linux root]# telnet 192.168.0.5
Trying 192.168.0.5...
Connected to 192.168.0.5 (192.168.0.5).
Escape character is '^]'.
C
*****************
User Access Verification
Username: test3
Password:
Enter your new PIN, containing 4 to 8 digits,
or
Please re-enter new PIN:
Wait for the code on your card to change, then log in with the new PIN
Enter PASSCODE:
C2960#
CCIE Security
01-04-2008 12:14 PM
Just adding the "privilege level 15" to the line? OK, I'll give it a go. Thanx! (I'll rate if it works...;^)
Paul
01-04-2008 02:36 PM
Works like a champ, thanx. I rated the post but I can't figure out how to mark the answer/thread as "this solved my problem." Any idea how?
Thanx again.
Paul
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide