aaa new-model

Unanswered Question
Feb 9th, 2008

dear all,

how we can login to the console without asking usrname & password when aaa new model is enabled

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
pciaccio Sat, 02/09/2008 - 16:22

Try this:

aaa authentication login default none

This will log you in without any authentication....Good Luck..Pls rate...

Richard Burts Sun, 02/10/2008 - 12:59


While the solution suggested by Phil will certainly let you login to the console without prompting for username and password, it will also do this for access to the router by telnet or SSH. If you are going to have no authentication then I question why to enable AAA at all.

I would suggest a different solution. Assuming that you want to use AAA to authenticate users by ID and password for telnet or SSH then you can set up a different authentication method for the console. Depending on what you want to do you could authenticate by the line password (which is what many people do) or you could not authenticate at all (which is the result of the suggestion made by Phil). The configuration might look something like this:

aaa authentication login console line

line con 0

login authentication console



aruldaspr Mon, 02/11/2008 - 07:14

hi Rick

thx for the reply,

this is my config ,in this RTR there is enable secret and a username &pswd is configured.when i am try to loging throug console it asking the username .

aaa authentication login default group radius local

aaa authentication enable default group radius enable

aaa authorization exec default group radius if-authenticated

aaa authorization network default group radius

aaa accounting exec default start-stop group radius

aaa accounting network default start-stop group radius

aaa accounting connection default start-stop group radius

aaa accounting system default start-stop group radius

my requirement is that ,i want to access RTR console without asking any username or password.

i add the folowing line to aaa list but it still asking the username

aaa authentication login CONSOLE none

line con 0

exec-timeout 0 0

login authentication CONSOLE

Richard Burts Mon, 02/11/2008 - 07:58


I am surprised that adding these lines did not allow you to login directly to the console without prompt for name and password. I wonder if there is some mismatch in the name used in the aaa command and in the console command. Would you be able to post the show running-config from the router so that we can see if there is anything else affecting this?



kalpana-menta Wed, 02/13/2008 - 10:08

If you have this command "aaa authentication enable default group radius enable "

By default username /password is prompted for console enable. you need to remove this and set aaa authorization previleges /exec commands explicity for just vty sessions.


This Discussion