05-17-2010 07:08 AM - edited 03-10-2019 05:08 PM
Hello dears,
I m trying to configure the autocommand for jr engineer,that when he telnet to router he shld see the menu of selection,I m trying to configure according to book but it is not working. When the user login he is able to see the menu but when the user select the number for suppose 1 or 2 he gets an error invalid output,please find the attached.
Step 1. | Begin with the goal. In this situation, you have an administrator, that we call junior-admin, log in to a router via the Telnet protocol. This junior-admin is not allowed to make major changes to the router rbb. What you want to happen here is for junior-admin to see a menu when they authenticate to ACS, choose an option from that menu, and have authorization take place for those commands. Example 8-3 shows the configuration of the menu that is accessed by junior-admin upon accessing the command line of rbb. Example 8-3. Menu Configuration! |
Step 2. | After this menu has been added to the router, you can test it by typing the following command: menu admin1. |
Step 3. | Now that the menu is in place, you want to configure the TACACS+ settings on the router. Basic AAA commands are given in this example; however, for more detailed AAA configuration, see Appendix A, "RADIUS Attribute Tables." You now add the ACS server into the router. |
Step 4. | Configure the AAA group and protocol by entering the command tacacs-server host 192.168.1.1. |
Step 5. | Next, configure the secret key by entering the command tacacs-server key cooljive. |
Step 6. | To enable authentication, enter the following AAA configuration command: aaa authentication login default group tacacs+ local. |
To enable the autocommand, simply follow these steps:
Step 1. | Select TACACS+ in the Jump To list. By selecting TACACS+ in the Jump To list, you are taken to the TACACS+ Settings configuration screen |
Step 2. From here, scroll to the Shell (exec) section. It is here that you enable the autocommand. You could enter any command here that you would like the user to execute. After the command has been executed, the Telnet connection to rbb drops.
Step 3. Now that you are in the Shell (exec) configuration section, you want to select the check box next to Shell (exec). This enables junior-admin shell authorization.
Step 4. Also, check the autocommand option and in the box, enter the command menu admin1. This was displayed in Figure 8-18.
Step 5. After the configuration is enabled, you can select Submit + Restart to restart the ACS service.
Step 6. Next, you Telnet from the junior-admin workstation where the junior-admin is prompted to enter a username and password. When authentication has been accepted, the autocommand takes place.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide