% Authorization failed

bluesea2010 · ‎10-06-2015

Hi

I have below configuration , for some reason i cannot access console .getting % Authorization failed

aaa new-model
!
!
aaa authentication attempts login 3
aaa authentication login console none
aaa authentication login ssh group radius local
aaa authentication dot1x default group radius
aaa authorization exec default group radius local
aaa authorization network default group radius
aaa accounting session-duration ntp-adjusted
aaa accounting update periodic 15
aaa accounting identity default start-stop group radius
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
!
!
!
!
!
aaa server radius dynamic-author
client 10.0.10.1 server-key key
client 10.0.10.2 server-key key
auth-type any
!
aaa session-id common

line con 0
exec-timeout 0 0
login authentication console
stopbits 1

Thanks

nspasov · ‎10-06-2015

Looks like you are missing two commands:

Globally:

aaa authorization console

Under the Console Line:

authorization exec default

Thank you for rating helpful posts!

bluesea2010 · ‎10-06-2015

Hi ,

Thanks what does this command do , what if i don't need console authentication ?

nspasov · ‎10-07-2015

Well there are three parts to AAA. Authentication, Authorization and Accounting. Based on your original output it appears that you are passing authentication but failing authorization. Thus, you must enable authorization for the console line as well.

If you want to disable AAA from being performed on the console line then do this:

line con 0
no login authentication console
no login

Thank you for rating helpful posts!