After losing connection to ACS server, local user doesn't work

antonio81
Level 1

Hello!

Could you help me resolve a problem?

Cisco 7206VXR (NPE400) processor (revision A), Version 12.2(31)SB11

Configuration from the router:

aaa new-model

aaa authentication login default group tacacs+ local

aaa authentication login local-admin-access group tacacs+ local

aaa authentication login remote-admin-access group tacacs+ local

aaa authentication enable default group tacacs+ local

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization exec local-admin-access group tacacs+ if-authenticated

aaa authorization exec remote-admin-access group tacacs+ if-authenticated

aaa accounting exec default stop-only group tacacs+

aaa accounting exec local-admin-access stop-only group tacacs+

aaa accounting exec remote-admin-access stop-only group tacacs+

aaa accounting commands 0 default stop-only group tacacs+

aaa accounting commands 0 local-admin-access stop-only group tacacs+

aaa accounting commands 0 remote-admin-access stop-only group tacacs+

aaa accounting commands 1 default stop-only group tacacs+

aaa accounting commands 1 local-admin-access stop-only group tacacs+

aaa accounting commands 1 remote-admin-access stop-only group tacacs+

aaa accounting commands 15 default stop-only group tacacs+

aaa accounting commands 15 local-admin-access stop-only group tacacs+

aaa accounting commands 15 remote-admin-access stop-only group tacacs+

aaa accounting system default start-stop group tacacs+

When the ACS server works, I have no problem.

After I block ACS and try to connect to the router:

lab(config-if)#ip access-group 101 in

And I try to use local authentication, but it doesn't work (privilege 15 doesn't work)

username test10 privilege 15 secret 5 $1$XJ5K$ANa/.PzJO4fcLpe31jfXk/

User Access Verification

Username: test10

Password:

lab>

Why doesn't "privilege 15" work?

Jagdeep Gambhir
Level 10

Hi Antonio,

Please change this command

aaa authorization exec default group tacacs+ if-authenticated

to

aaa authorization exec default group tacacs+ local

If the issue is still there, then get the debugs:

debug aaa authentication

debug aaa authorization

debug tacacs

All the best!

Regards,

~JG

Do rate helpful posts

This helped me!

thx

If that fixed it then please mark it resolved so others can benefit.

Regards,

~JG

well said.

JK

~Jatin
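
A configuration check for the failure mode in this thread, as an added example (not code from the posters or from Cisco): it parses an IOS configuration and flags "aaa authorization exec" lists whose first method after the TACACS+ group is not "local", which is the case where a local privilege 15 user lands at the user-level prompt when the server is unreachable. The function names and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample modelled on the configuration quoted in the thread;
# the password hash is replaced by a placeholder.
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication login default group tacacs+ local
aaa authorization exec default group tacacs+ if-authenticated
aaa authorization exec local-admin-access group tacacs+ local
aaa authorization exec remote-admin-access group tacacs+
username test10 privilege 15 secret 5 HASH-PLACEHOLDER
"""

AUTHZ_RE = re.compile(r"^aaa authorization exec (\S+) (.+)$")
USER_RE = re.compile(r"^username (\S+) privilege (\d+)\b")


def fallback_methods(methods):
    """Methods left once every 'group <name>' (server) method has timed out."""
    tokens, out, i = methods.split(), [], 0
    while i < len(tokens):
        if tokens[i] == "group":
            i += 2  # skip the keyword and the server-group name
        else:
            out.append(tokens[i])
            i += 1
    return out


def audit_exec_fallback(config):
    """Return (list_name, issue, privileged_local_users) per risky exec list."""
    lists, priv_users = {}, []
    for raw in config.splitlines():
        line = raw.strip()
        if m := AUTHZ_RE.match(line):
            lists[m.group(1)] = fallback_methods(m.group(2))
        elif (m := USER_RE.match(line)) and int(m.group(2)) > 1:
            priv_users.append(m.group(1))
    findings = []
    for name, fb in lists.items():
        if not fb:
            findings.append((name, "no fallback: exec authorization fails", priv_users))
        elif fb[0] != "local":
            findings.append((name, f"'{fb[0]}' ignores local privilege", priv_users))
    return findings


if __name__ == "__main__":
    for finding in audit_exec_fallback(SAMPLE_CONFIG):
        print(finding)
```
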