Console Authentication Problem

Unanswered Question
Jan 14th, 2010
User Badges:

HI, I have cisco 1841 Router configured for AAA authentication.


Everything is fine only problem with console authentication. I dont want to have AAA authentication console. I want to use local console password prompt when somone console the router. Below mention is my configuration but still it is asking for the username and password. I want only password prompt and password that I have configured on the line console. But It is not working for me. Please tell me what I am missing.




aaa authentication login default group tacacs+ local enable
aaa authentication login console none
aaa authentication login notacacs local
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ local



line con 0
password cisco
login authentication notacacs

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Erick Delgado Thu, 01/14/2010 - 07:48
User Badges:
  • Bronze, 100 points or more

Hi.


Per security aaa will not allow you to use the line password.


Please add a local user and use that local user for authentication.


usernamer xxxx privilege 15 password xxxx.


Ad an user and authenticate with that one.


Regards,

Jagdeep Gambhir Thu, 01/14/2010 - 10:08
User Badges:
  • Red, 2250 points or more

Dear Wasim,

Please use this command and try,



aaa authentication login console line




Hope that helps!



Regards,

~JG


Do rate helpful posts

Ganesh Hariharan Thu, 01/14/2010 - 23:56
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

Hi Wasim,


For aaa configuration in console check out the below configuration for console authentication


aaa authentication login CONSOLE line


There is only one authentication method (line).
Once a named list (in this example, CONSOLE) is created, it must be applied to a line or interface for it to come into effect. This is done using the


login authentication list_name command:
      line con 0
          exec-timeout 0 0
          password cisco
          login authentication CONSOLE


The CONSOLE list overrides the default method list default on line con 0.


Note: To have console access authenticated by a local username and password, use:


    aaa authentication login CONSOLE local


Note: In this case, a username and password have to be configured in the local database of the router. The list must also be applied to the line or interface.


Note: To have no authentication, use


    aaa authentication login CONSOLE none


Note: In this case, there is no authentication to get to the console access. The list must also be applied to the line or interface.


Hope that helps out your query !!


Regards

Ganesh.H

Actions

This Discussion