07-04-2003 08:37 AM - edited 03-10-2019 07:23 AM
Hi,
I want to configure aaa authorisation with tacacs+ for console login, but in the cisco documentation I have found the following line ""Note Authorization is bypassed for authenticated users who log in using the console line, even if authorization has been configured. "" ??? Is it rigth that there are no way to configure authorization for console login ???
THX
Larry
Solved! Go to Solution.
07-04-2003 09:15 AM
Hi Larry,
Some additional info, may be this is what you are experiencing.
Console port authorization was not added as a feature until Bug ID CSCdi82030 was implemented. Console port authorization is off by default to lessen the likelihood of accidentally being locked out of the router. If a user has physical access to the router via the console, console port authorization is not extremely effective. However, for images in which Bug ID CSCdi82030 has been implemented, console port authorization can be turned on under line con 0 with the hidden command aaa authorization console.
You can obtain specific information on a Bug ID by using the Bug Toolkit, linked from Tools and Utilities.
Thanks,
yatin
07-04-2003 09:08 AM
Hi Larry,
There surely is a way to implement aaa authorization on console.
line con 0
login authentication ....
authorization exec .... <<<==== for authorization
2)
aaa authorization console <<<== in Global Config mode.
Hope this helps,
Yatin
07-04-2003 09:15 AM
Hi Larry,
Some additional info, may be this is what you are experiencing.
Console port authorization was not added as a feature until Bug ID CSCdi82030 was implemented. Console port authorization is off by default to lessen the likelihood of accidentally being locked out of the router. If a user has physical access to the router via the console, console port authorization is not extremely effective. However, for images in which Bug ID CSCdi82030 has been implemented, console port authorization can be turned on under line con 0 with the hidden command aaa authorization console.
You can obtain specific information on a Bug ID by using the Bug Toolkit, linked from Tools and Utilities.
Thanks,
yatin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide