Unanswered Question
May 17th, 2010

Hello dears,

I m trying to configure the autocommand for jr engineer,that when he telnet to router he shld see the menu of selection,I m trying to configure according to book but it is not working. When the user login he is able to see the menu but when the user select the number for suppose 1 or 2 he gets an error invalid output,please find the attached.

Step 1.
Begin with the goal. In this situation, you have an  administrator, that we call junior-admin, log in to a router via the Telnet  protocol. This junior-admin is not allowed to make major changes to the router  rbb. What you want to happen here is for junior-admin to see a menu when they  authenticate to ACS, choose an option from that menu, and have authorization  take place for those commands. Example  8-3 shows the configuration of the menu that is accessed by junior-admin  upon accessing the command line of rbb.

Example 8-3. Menu Configuration
menu admin1 prompt ^C Please select an Action^C
menu admin1 text 1 Show IP Interface Brief
menu admin1 command 1 show ip interface brief
menu admin1 text 2 Show interface fa0/0
menu admin1 command 2 sh int fa0/0
menu admin1 text 3 Show Run Interface fa0/0
menu admin1 command 3 sh run int fa0/0
menu admin1 text 4 Show ip route
menu admin1 command 4 sh ip route
menu admin1 text 5 Show Arp
menu admin1 command 5 show arp
menu admin1 text 6 Clear the Arp table
menu admin1 command 6 clear arp
menu admin1 text 7 EXIT
menu admin1 command 7 logout

Step 2.
After this menu has been added to the router, you can test it  by typing the following command: menu  admin1.

Step 3.
Now that the menu is in place, you want to configure the  TACACS+ settings on the router. Basic AAA commands are given in this example;  however, for more detailed AAA configuration, see Appendix A, "RADIUS Attribute Tables." You now add  the ACS server into the router.

Step 4.
Configure the AAA group and protocol by entering the command  tacacs-server host

Step 5.
Next, configure the secret key by entering the command tacacs-server key cooljive.

Step 6.
To enable authentication, enter the following AAA  configuration command: aaa authentication login  default group tacacs+ local.

To enable the autocommand, simply follow these steps:

Step 1.
Select TACACS+ in the Jump  To list. By selecting TACACS+ in the Jump To  list, you are taken to the TACACS+ Settings configuration screen

Step 2.  From here, scroll to the Shell (exec) section. It is here that you enable the autocommand. You could enter any command here that you would like the user to execute. After the command has been executed, the Telnet connection to rbb drops.

Step 3.  Now that you are in the Shell (exec) configuration section, you want to select the check box next to Shell (exec). This enables junior-admin shell authorization.

Step 4.  Also, check the autocommand option and in the box, enter the command menu admin1. This was displayed in Figure 8-18.

Step 5.  After the configuration is enabled, you can select Submit + Restart to restart the ACS service.

Step 6.  Next, you Telnet from the junior-admin workstation where the junior-admin is prompted to enter a username and password. When authentication has been accepted, the autocommand takes place.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion