Console Authentication Problem

Unanswered Question
Jan 14th, 2010

HI, I have cisco 1841 Router configured for AAA authentication.

Everything is fine only problem with console authentication. I dont want to have AAA authentication console. I want to use local console password prompt when somone console the router. Below mention is my configuration but still it is asking for the username and password. I want only password prompt and password that I have configured on the line console. But It is not working for me. Please tell me what I am missing.

aaa authentication login default group tacacs+ local enable
aaa authentication login console none
aaa authentication login notacacs local
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ local

line con 0
password cisco
login authentication notacacs

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Erick Delgado Thu, 01/14/2010 - 07:48

Hi.

Per security aaa will not allow you to use the line password.

Please add a local user and use that local user for authentication.

usernamer xxxx privilege 15 password xxxx.

Ad an user and authenticate with that one.

Regards,

Jagdeep Gambhir Thu, 01/14/2010 - 10:08

Dear Wasim,

Please use this command and try,

aaa authentication login console line


Hope that helps!

Regards,

~JG

Do rate helpful posts

Ganesh Hariharan Thu, 01/14/2010 - 23:56

Hi Wasim,

For aaa configuration in console check out the below configuration for console authentication

aaa authentication login CONSOLE line


There is only one authentication method (line).
Once a named list (in this example, CONSOLE) is created, it must be applied to a line or interface for it to come into effect. This is done using the

login authentication list_name command:
      line con 0
          exec-timeout 0 0
          password cisco
          login authentication CONSOLE

The CONSOLE list overrides the default method list default on line con 0.

Note: To have console access authenticated by a local username and password, use:

    aaa authentication login CONSOLE local

Note: In this case, a username and password have to be configured in the local database of the router. The list must also be applied to the line or interface.

Note: To have no authentication, use

    aaa authentication login CONSOLE none

Note: In this case, there is no authentication to get to the console access. The list must also be applied to the line or interface.

Hope that helps out your query !!

Regards

Ganesh.H

Actions

This Discussion