03-15-2012 09:08 PM - edited 03-04-2019 03:41 PM
HI ,
I have configured the TACACS in my network and I have configured the aaa authorization commands 15 default if-authenticated group tacacs+ in Cisco 6504 Switch. Its allowing me to Login by Unable to run the Sh run commands ,i am getting Aithorization error emssage. If i am checking sh Privillage its showing level 15. Same configuration fine in other device with out issue.
aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authentication ppp default local
aaa authorization commands 15 default if-authenticated group tacacs+
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
Please help me on this, this is my core switch so i am not able to reload ....
03-15-2012 09:17 PM
Hi Thiru,
This are the few comds which we use mostly.
aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization config-commands
aaa authorization exec default group tacacs+ local if-authenticated
aaa authorization commands 1 default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ local if-authenticated
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
hope it works.
Regards,
Satya.M
03-16-2012 04:12 PM
Hi Satya,
Thanks for your response , The thing is i am unable to configuration terminal with Locla / Tacacs user ID. I am not able to do any chnages and moreover this my Core Swith , hence i am not able reload . So can you advise me to do sometime ??
Regards
Thiru
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: