First of all we need to understand one thing, what is config-commands, Commands 1 and commands 15, This will help you understand these aaa commands.
Config-commands----Commands that we can run under configuration Mode, For example: when you login to the router, enter the priv mode and then enter the configuration mode> Type question mark> It will give you the list of the commands that can be run on Config mode.
Similarly , when you enter priv mode (# mode also known as level 15) > Type question mark, It will also display you list of commands that you can run on that mode.
You can always check the level, By following command:
#show privilege level.
and in the same way, You can check what command can be run on what level.
Now Moving on the aaa commands:
aaa authorization config-commands--- This command will check the authorization for the commands on the configuration Mode.
aaa authorization exec default group tacacs+ local--- This command will provide the user level 15 access directly, bypassing enable authentication
aaa authorization commands 1 default group tacacs+---This command will check the authorization of the commands that can be run on level 1.
aaa authorization commands 15 default group tacacs+ local-----
This command will check the authorization for the commands that can be run on level 15
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...