cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
848
Views
0
Helpful
4
Replies

Enable password setting through ACS

CiscogeekIND
Level 1
Level 1

I have configured the switches and routers with ACS AAA policy. My commands are like this.

aaa new-model

tacacs-server host x.x.x.x key password

tacacs-server host x.x.x.x key password

aaa authentication login default group tacacs+ local

aaa authorization commands 15 default group tacacs+ local

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

With this commands, when i am telnetting to Devices, instead of telnet password ACS authentication is happening where enable password is same as the switch local password.

Here i want this kind of authentication and also it should use the enable password what ever i set to user.

And also i want to restrict the users based on their Enable password.

Password change policy should reflect to this Enable password.

Please can anyone help me on this.

May i confused you with my all of the questions in single message but i want this kind of policy to be set to my company.

Hope experts reply swoon.

Thanks for all in advance.

4 Replies 4

royalblues
Level 10
Level 10

Have a look at the attached document to configure shell command authorization which should help you configure restrictions based on their credentials

HTH

Narayan

Thanks for your reply, I will check and get back to you.

Here i want to use the enable password for switches and routers should be what ever i configured the user settings in ACS server user database.

I dont find any information regarding on the attached documet. Can you give me the idea.

As far as i know there should be a command

aaa authentication enable group tacacs+ local

Please help me in this regard.

Hello

these are the two commands you are looking for.

aaa authentication login default group tacacs+

aaa authorization exec default group tacacs+ none

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: