Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

CatOS 7.6(2) and tacacs+ enable mode

I am running a 6513 with CatOS 7.6(2), authenticating using tacacs+. Authentication works fine and I am pretty familiar with the configuration aspects of tacacs+. I am trying to allow users level 15 access upon being authenticated (this works fine on IOS), but it does not work on CatOS.

I can add the command "set authentication enable tacacs enable" or the command "set authorization enable enable tacacs none", but after successfully logging in (using tacacs), I am not in priviledged mode and if I type "enable", I then have to provide my tacacs+ password again in order to get to enable mode.

The tacacs+ server is configured to allow priviledge level 15 as well as tacacs+ enable. ACS version is (3.0.2.5)

Bottom line: Is there a way to have CatOS drop you into level 15 or enable mode after a successful authenication using tacacs+ ??

Thanks in advance.

Scott

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: CatOS 7.6(2) and tacacs+ enable mode

Scott,

Try this. It worked for me on the 6500 platform (although with an older version of code):

set authentication login tacacs enable all primary

set authorization exec enable tacacs+ none both

Rich

1 REPLY
New Member

Re: CatOS 7.6(2) and tacacs+ enable mode

Scott,

Try this. It worked for me on the 6500 platform (although with an older version of code):

set authentication login tacacs enable all primary

set authorization exec enable tacacs+ none both

Rich

115
Views
0
Helpful
1
Replies
CreatePlease to create content