Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

enable mode using privilege levels

Hi All,

We use TACACS+ for telnet access and enable secret password for privileged access. An user would like to enter the enable mode without entering the enable secret password. Is it possible to do this using privilege levels and shell exec on the AAA server?

3 REPLIES
Hall of Fame Super Silver

Re: enable mode using privilege levels

Meena

Yes it is possible to configure the user on the AAA server so that when they telnet to a router that they go directly into privilege mode. You configure the parameters on the AAA server and configure aaa authorization on the router. Note that by default this does work for telnet and does not work for access through the console.

HTH

Rick

New Member

Re: enable mode using privilege levels

I have configured a user on AAA server and under the enable options, I have selected level 15 and under shell exec, I have selected privilege level 15.

The router has following config

aaa authorization exec default tacacs+ if-authenticated

aaa authorization commands 1 default tacacs+ if-authenticated

aaa authorization commands 15 default tacacs+ if-authenticated

Am I missing any other commands?

New Member

Re: enable mode using privilege levels

Hello : Hoy do you implementation the access telnet in the router. I have configured a user on AAA server, but I telnet the router I put the username and password the router display error

access denied.

why ??

136
Views
0
Helpful
3
Replies