Authorization Isssue in Cisco 6405 L3 Switch

thiru.vel10 · ‎03-15-2012

HI ,

I have configured the TACACS in my network and I have configured the aaa authorization commands 15 default if-authenticated group tacacs+ in Cisco 6504 Switch. Its allowing me to Login by Unable to run the Sh run commands ,i am getting Aithorization error emssage. If i am checking sh Privillage its showing level 15. Same configuration fine in other device with out issue.

aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authentication ppp default local
aaa authorization commands 15 default if-authenticated group tacacs+
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+

Please help me on this, this is my core switch so i am not able to reload ....

satya mothukuri · ‎03-15-2012

Hi Thiru,

This are the few comds which we use mostly.

aaa new-model

aaa authentication login default group tacacs+ local

aaa authentication enable default group tacacs+ enable

aaa authorization config-commands

aaa authorization exec default group tacacs+ local if-authenticated

aaa authorization commands 1 default group tacacs+ if-authenticated

aaa authorization commands 15 default group tacacs+ local if-authenticated

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

hope it works.

Regards,

Satya.M

thiru.vel10 · ‎03-16-2012

Hi Satya,

Thanks for your response , The thing is i am unable to configuration terminal with Locla / Tacacs user ID. I am not able to do any chnages and moreover this my Core Swith , hence i am not able reload . So can you advise me to do sometime ??

Regards

Thiru