Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
638
Views
0
Helpful
1
Replies

unable to get into privildge mode

tpahuja
Level 1
Level 1

‎08-23-2018 10:36 AM - edited ‎03-11-2019 01:48 AM

Folks,

          I have the following AAA commands on my router in production. I am  trying to console in and unable to get into enable mode. When i login it askes me for a username/password which i proviode, then it asks me for an enable password when i type in enable. i tried all the passwords( enable password, enable secret, line con password) they all failed. Any ideas?

 

 

 

 

username cisco privilege 15 password 7 0822455D0A16

aaa new-model

aaa authentication login LOREAL-TACACS group tacacs+ local

aaa authentication login LOCAL-ACCESS local

aaa authentication enable default group tacacs+ enable

aaa authorization config-commands

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization commands 0 default group tacacs+ if-authenticated

aaa authorization commands 1 default group tacacs+ if-authenticated

aaa authorization commands 15 default group tacacs+ if-authenticated

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 0 default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

 

 

line con 0

exec-timeout 0 0

password 7 120D46461C021813

logging synchronous

login authentication LOCAL-ACCESS

0 Helpful
1 Reply 1

hslai
Cisco Employee
Cisco Employee

‎09-01-2018 09:21 AM

aaa authentication enable default group tacacs+ enable

 

is using the group tacacs+ to authenticate for "enable" until all servers in that group detected as un-available. If you are using ISE, please check T+ Live Logs.

 

0 Helpful
Customers Also Viewed These Support Documents