Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Does TACACS+ Authorisation work with console?

Hi.

I havce configured routers fo ACS Login with 2 users with different Privilage level. When I log in through telnet it works fine with different privilage level, but when i log in through console the authorisation does not take place properly and i get all privilages for users with lesser privilages also.

All my authorisation is also done in ACS.

2 REPLIES

Re: Does TACACS+ Authorisation work with console?

Yes in can work with console access, I have it working.

Hope that helps.

Hall of Fame Super Silver

Re: Does TACACS+ Authorisation work with console?

Rajesh

There is a reason that it is not working for you and a way to get it to work. It is not working for you because by default authorization does not process on the console connection. Cisco does this as a safety mechanism, because if you configure authorization and get it wrong you can lock yourself out of the router. If authorization does not process on the console then you have a way to recover without needing to blow away the config and recreate it.

If you want authorization to process on the console and you are willing to live with the risk then you can enable authorization on the console using this command:

aaa authorization console

HTH

Rick

185
Views
5
Helpful
2
Replies
CreatePlease to create content