Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

AAA Authentication

Hi,

I have configure my router to authenticate via a RADIUS server (Windows 2000), following is the configuration

aaa new-model

aaa authentication login default group radius local

aaa authorization exec default group radius local

login authentication default (is set on line console 0)

I have created a backup user account on local.

username root privilege 15 password 7 XXXXXXXXX

Problem is when my RADIUS server goes down i am able to authenticate using the console, but it does not go directly to enable. I have set the privilege for root to 15. It is asking for enable password

Can anyone help.

4 REPLIES
New Member

Re: AAA Authentication

Hi,

you can add a authentication line for enable. for example;

aaa authentication enable default group radius local

makes radius auth for get into enable mode, if radius is down checks the enable secret in your local config.

hope this helps...

New Member

Re: AAA Authentication

there is no option for local

Router(config)#aaa authentication enable default group radius ?

enable Use enable password for authentication.

group Use Server-group

line Use line password for authentication.

none NO authentication.

I am able to telnet and get into enable mode, but using the console i am unable to directly go in enable mode.

New Member

Re: AAA Authentication

ooppss..sorry this is right one:

aaa authentication enable default group radius enable

New Member

Re: AAA Authentication

Tell me does console by default support enable privilege ? I am not sure ..when i set the privilege 15 ...everything worked now i can directly go to enable mode.

334
Views
0
Helpful
4
Replies
CreatePlease login to create content