Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Console authorization is enabled by default on a Cisco Catalyst switch when Cisco IOS version 12.2 is used

Core issue

This issue is documented in Cisco bug ID CSCeb08860.

Console authorization is incorrectly enabled by default in the console. A login from the console fails with this configuration due to an authorization failure:aaa

    new-model
  aaa authentication login default local
  aaa authentication login no_tacacs none
  aaa authorization exec default local
  line con 0
  login authentication no_tacacs

Resolution

In order to resolve this issue, perform one of these steps:

  • Explicitly configure for no authorization with this configuration:

           aaa authorization exec no_tacacs none
           line con 0

      authorization exec no_tacacs

  • Download and upgrade the Cisco IOS  version to any one of these versions:

  • 12.3(4.2)

  • 12.2(20.4)

  • 12.3(4.4)B

  • 12.2(20.4)S

  • 12.3(5.5)T

  • 12.3(7)XI

  • 12.2(27)SBA

  • 12.2(27)SBB
1129
Views
0
Helpful
0
Comments