AAA Authentication

aryan-d · ‎12-04-2003

Hi,

I have configure my router to authenticate via a RADIUS server (Windows 2000), following is the configuration

aaa new-model

aaa authentication login default group radius local

aaa authorization exec default group radius local

login authentication default (is set on line console 0)

I have created a backup user account on local.

username root privilege 15 password 7 XXXXXXXXX

Problem is when my RADIUS server goes down i am able to authenticate using the console, but it does not go directly to enable. I have set the privilege for root to 15. It is asking for enable password

Can anyone help.

nihal.akbulut · ‎12-04-2003

Hi,

you can add a authentication line for enable. for example;

aaa authentication enable default group radius local

makes radius auth for get into enable mode, if radius is down checks the enable secret in your local config.

hope this helps...

aryan-d · ‎12-04-2003

there is no option for local

Router(config)#aaa authentication enable default group radius ?

enable Use enable password for authentication.

group Use Server-group

line Use line password for authentication.

none NO authentication.

I am able to telnet and get into enable mode, but using the console i am unable to directly go in enable mode.

nihal.akbulut · ‎12-04-2003

ooppss..sorry this is right one:

aaa authentication enable default group radius enable

aryan-d · ‎12-04-2003

Tell me does console by default support enable privilege ? I am not sure ..when i set the privilege 15 ...everything worked now i can directly go to enable mode.