11-15-2018 02:40 AM - edited 03-11-2019 01:52 AM
Hello all,
I authenticate my switches over an ISE acting as radius server.
When I connect with ssh, everything works well. My radius server return priv15 and I am logged directly in privilege 15.
But the weird thing when I try to connect through the console cable, I get authenticate, the radius server return me the priv15 but the switch ask me to put the "enable" command. When I issue this command, I get rejected because the radius server is not able to find the object "$enab15$" that sounds logical.
So do you have any idea why I can't log with the console cable directly in privilege 15 ?
You can find below my configuration:
aaa new-model aaa group server radius RADIUS-SERVERS aaa authentication login default group RADIUS-SERVERS local aaa authentication enable default group RADIUS-SERVERS enable aaa authentication dot1x default group RADIUS-SERVERS aaa authorization exec default group RADIUS-SERVERS if-authenticated aaa authorization network default group RADIUS-SERVERS if-authenticated aaa accounting send stop-record authentication failure aaa accounting update newinfo periodic 55 aaa accounting exec default start-stop group RADIUS-SERVERS aaa accounting connection default start-stop group RADIUS-SERVERS aaa accounting system default start-stop group RADIUS-SERVERS no aaa accounting system guarantee-first aaa session-id common ! line con 0 logging synchronous escape-character 3 stopbits 1 line vty 0 4 logging synchronous transport input ssh escape-character 3 line vty 5 15 logging synchronous transport input ssh escape-character 3 !
Have a nice day,
Alex
Solved! Go to Solution.
11-15-2018 04:41 AM - edited 11-15-2018 04:46 AM
Hi Alex.
I think you need this command "aaa authorization console" and "authorization exec" in line console
11-15-2018 04:41 AM - edited 11-15-2018 04:46 AM
Hi Alex.
I think you need this command "aaa authorization console" and "authorization exec" in line console
11-15-2018 07:03 AM
It works, many thanks.
Alex
11-15-2018 10:31 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide