https://community.cisco.com/t5/network-access-control/aaa-and-2950-switch/m-p/410768#M429196 <HTML><HEAD></HEAD><BODY><P>You are correct that by default Cisco does not do authorization on the console port. This is done as a protection to make it more difficult for a misconfiguration to lock you out of the device. So your memory was correct.</P><P></P><P>HTH</P><P></P><P>Rick</P></BODY></HTML> Wed, 04 May 2005 13:05:07 GMT Richard Burts 2005-05-04T13:05:07Z https://community.cisco.com/t5/network-access-control/aaa-and-2950-switch/m-p/410767#M429195 <P>Hello,</P><P></P><P>I'm setting up aaa authentication via radius on 2950 switches. I have 'aaa authorization exec radius local' in the config to allow privilege access upon successful auth. It works for vty but for con 0, it only brings me to user access level. Is this something that is just specific to console port? I think I remember something I came across a long time ago that console will always prompt for the enable password. Can someone please verify if this is the case? If not, please advise as to what I may be doing wrong. Thanks.</P><P></P><P>JA</P> Sun, 10 Mar 2019 21:08:28 GMT https://community.cisco.com/t5/network-access-control/aaa-and-2950-switch/m-p/410767#M429195 arevaloj 2019-03-10T21:08:28Z https://community.cisco.com/t5/network-access-control/aaa-and-2950-switch/m-p/410768#M429196 <HTML><HEAD></HEAD><BODY><P>You are correct that by default Cisco does not do authorization on the console port. This is done as a protection to make it more difficult for a misconfiguration to lock you out of the device. So your memory was correct.</P><P></P><P>HTH</P><P></P><P>Rick</P></BODY></HTML> Wed, 04 May 2005 13:05:07 GMT https://community.cisco.com/t5/network-access-control/aaa-and-2950-switch/m-p/410768#M429196 Richard Burts 2005-05-04T13:05:07Z