07-31-2013 09:40 AM - edited 03-10-2019 08:42 PM
I am trying to secure a few Nexus switches with tacacs+ I am able to authenticate logins but I don't see the command for privileged mode, for example on a 2960 switch it was; aaa authentication enable default group tacacs+ enable
Was this removed on the NX-OS software?
Solved! Go to Solution.
07-31-2013 01:38 PM
NXOS uses RBAC so you don't need to use "enable" to get to priv mode. Your TACACS server has to be configured with the correct roles however to get priv access if that makes sense.
Sent from Cisco Technical Support Android App
07-31-2013 01:38 PM
NXOS uses RBAC so you don't need to use "enable" to get to priv mode. Your TACACS server has to be configured with the correct roles however to get priv access if that makes sense.
Sent from Cisco Technical Support Android App
07-31-2013 03:04 PM
Thanks! After spending some time with the debug logs I was able to work it out. I do like having a separate enable password though.
Sent from Cisco Technical Support iPad App
07-31-2013 03:50 PM
Glad you got it worked, debugs FTW!
Sent from Cisco Technical Support iPhone App
07-31-2013 06:01 PM
Hi David,
I agree with Chris. Exec authorization by-deafult enabled on NX-OS. The below listed commands are replaced by Role based access (RBAC).
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+
You can find Cisco NX-OS/IOS Software Default Configuration Differences here
Nexus user accounts and RBAC
Security (AAA and Roles) Troubleshooting
~BR
Jatin Katyal
**Do rate helpful posts**
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide