cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
411
Views
0
Helpful
1
Replies

aaa authorization ACA4.1

aessome
Level 1
Level 1

i configure aaa on my switch and cannog get telnet loggin. in the PAsst Athem ACS Server: Authentication is OK, but FailItem Unknown NAS

Thanks for any Help

-----------------------------------------aaa new-model

aaa authentication login default group radius local

aaa authentication login CONSOLE local

aaa authentication enable default group tacacs+ enable

aaa authentication dot1x default group radius

aaa authorization exec default group tacacs+

aaa authorization exec CON none

aaa authorization network default group radius

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default stop-only group tacacs+

aaa accounting network default start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+

----------------------------------------

Switch output:

Username: aessome-d

Password:

% Authorization failed.

Connection closed by foreign host.

1 Reply 1

Jagdeep Gambhir
Level 10
Level 10

You want to use radius or tacacs ? Make sure you have priv 15 configured in acs,

Bring users/groups in at level 15

1. Go to user or group setup in ACS

2. Drop down to "TACACS+ Settings"

3. Place a check in "Shell (Exec)"

4. Place a check in "Privilege level" and enter "15" in the adjacent field

Regards,

~JG

Do rate helpful posts