Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
663
Views
0
Helpful
1
Replies

Enable authentication through tacacs+

Go to solution
hanwu_dot
Level 1
Level 1

‎01-06-2012 12:05 PM - edited ‎03-10-2019 06:41 PM

I configured authentication for Enable to user Tacacs+. I need it to be authenticated the same time when users are logging in. That is, a user types his username and password, he is directly logged into Enable mode.

However, it stops everytime at exec mode, he has to type "enable " and type his password again to get into enable mode.

any idea?

The aaa config is attached.

thanks

Han

Labels:
120105-aaa_config.txt.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
camejia
Level 3
Level 3

‎01-06-2012 12:18 PM

Han,

You need to add the "aaa authorization exec default group tacacs if-authenticated none" command. Also, the TACACS+ server should be configured to return the privilege level 15 attribute for Shell (EXEC) as well.

NOTE: The feature to get directly into enable mode after typing the Username/Password applies only for IOS devices. Cisco ASA does not include this feature as it is considered a security device.

Regards.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
camejia
Level 3
Level 3

‎01-06-2012 12:18 PM

Han,

You need to add the "aaa authorization exec default group tacacs if-authenticated none" command. Also, the TACACS+ server should be configured to return the privilege level 15 attribute for Shell (EXEC) as well.

NOTE: The feature to get directly into enable mode after typing the Username/Password applies only for IOS devices. Cisco ASA does not include this feature as it is considered a security device.

Regards.

0 Helpful
Customers Also Viewed These Support Documents