Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
2449
Views
0
Helpful
1
Replies

Removing AAA config while sshing or telnet

Go to solution
enzo80
Level 1
Level 1

‎11-30-2021 01:33 AM

I require to remove AAA configuration and put back again after complete my activity,

Can you please guide me, what would be the best way to remove it. My worries is, when I remove beow command at any point of time, Will it throw an error "command authorzation failed"..? Quick/correct answers much apreciated..:-)

 

 

 

Correct me, in this below order I shall remove or which one shl good

 

no aaa authentication enable console MYTACACS LOCAL

no aaa authentication http console MYTACACS LOCAL

no aaa authentication serial console MYTACACS LOCAL

no aaa authentication ssh console MYTACACS LOCAL

no aaa authentication telnet console MYTACACS LOCAL

no aaa authorization command MYTACACS LOCAL

no aaa accounting enable console MYTACACS

no aaa accounting serial console MYTACACS

no aaa accounting ssh console MYTACACS

no aaa accounting telnet console MYTACACS

no aaa accounting command privilege 15 MYTACACS

 

 

no aaa-server MYTACACS protocol tacacs+

no aaa-server MYTACACS (inside) host 192.168.1.212

no aaa-server MYTACACS (inside) host 192.168.1.213

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
PSM
Level 1
Level 1

‎11-30-2021 04:36 AM

Your worries are correct  

 

First remove all command authorization from AAA config. 

 

no aaa authorization command MYTACACS LOCAL

 

After this you can remove rest AAA configuration from device and device will not throw authorization error.

 

 

After command authorization from external AAA is disabled, now its the user priviliege which is getting assigned from AAA will be deciding factor for switch to authorize commands locally.

 

Before logging out you need to make sure you have valid local user and password for the device.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
PSM
Level 1
Level 1

‎11-30-2021 04:36 AM

Your worries are correct  

 

First remove all command authorization from AAA config. 

 

no aaa authorization command MYTACACS LOCAL

 

After this you can remove rest AAA configuration from device and device will not throw authorization error.

 

 

After command authorization from external AAA is disabled, now its the user priviliege which is getting assigned from AAA will be deciding factor for switch to authorize commands locally.

 

Before logging out you need to make sure you have valid local user and password for the device.

0 Helpful
Customers Also Viewed These Support Documents
Top