Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
447
Views
0
Helpful
1
Replies

auth-proxy and "aaa uthorization exec"

hbahaidara
Level 1
Level 1

‎09-10-2005 10:36 AM - edited ‎03-10-2019 02:18 PM

Hello,

In page 610 of "CCIE practical studies: Security" for Dimetry Bokotey:

"when configuring aaa authorization auth-proxy, ensure that aaa authorization isn't enabled as well......"

I think this is wrong argument. In fact, you should enable the exec authorization, otherwise the autth-proxy user will get access to the router exec, which is not desireable.

What do you think?

Labels:
0 Helpful
1 Reply 1

vkapoor5
Level 5
Level 5

‎09-15-2005 11:35 AM

I have not seen the book, but I feel that they are two different things and need not be configured together. For auth-proxy to work, all you need is "aaa authorization auth-proxy......." and corresponding configuration on the AAA server for the users. If you want to control access to the router itself, then use "aaa authorization exec......" as you suggest.

In conclusion, though they are not related and configured together, I agree with you that it is a good practice to have control on who can have exec access to the router.

0 Helpful
Customers Also Viewed These Support Documents