- config - session - debug

allows "line vty 0 4"

aaa new-model

aaa authentication login vty group tacacs+ local

aaa authentication login console line

aaa authentication enable default group tacacs+ enable

aaa authorization config-commands

aaa authorization exec vty group tacacs+ local

aaa authorization exec console local

aaa authorization commands 5 vty group tacacs+

aaa authorization commands 15 vty group tacacs+

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

Unauthorized access is strictly prohibited!

Username: username

Password:

LabrtrB#config t

Enter configuration commands, one per line. End with CNTL/Z.

LabrtrB(config)#line vty 0 4

LabrtrB(config-line)#end

LabrtrB#quit

LabrtrB#debug aaa authorization

AAA Authorization debugging is on

LabrtrB#

Jan 21 13:47:34.842: AAA: parse name=tty3 idb type=-1 tty=-1

Jan 21 13:47:34.842: AAA: name=tty3 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=3 channel=0

Jan 21 13:47:34.842: AAA/MEMORY: create_user (0x629C5BEC) user='' ruser='' port='tty3' rem_addr='16.47.207.61' authen_type=ASCII service=LOGIN priv=1

Jan 21 13:47:38.362: tty3 AAA/AUTHOR/EXEC (1080771678): Port='tty3' list='vty' service=EXEC

Jan 21 13:47:38.362: AAA/AUTHOR/EXEC: tty3 (1080771678) user='username'

Jan 21 13:47:38.362: tty3 AAA/AUTHOR/EXEC (1080771678): send AV service=shell

Jan 21 13:47:38.362: tty3 AAA/AUTHOR/EXEC (1080771678): send AV cmd*

Jan 21 13:47:38.362: tty3 AAA/AUTHOR/EXEC (1080771678): found list "vty"

Jan 21 13:47:38.362: tty3 AAA/AUTHOR/EXEC (1080771678): Method=tacacs+ (tacacs+)

Jan 21 13:47:38.362: AAA/AUTHOR/TAC+: (1080771678): user=username

Jan 21 13:47:38.362: AAA/AUTHOR/TAC+: (1080771678): send AV service=shell

Jan 21 13:47:38.362: AAA/AUTHOR/TAC+: (1080771678): send AV cmd*

Jan 21 13:47:38.566: AAA/AUTHOR (1080771678): Post authorization status = PASS_ADD

Jan 21 13:47:38.566: AAA/AUTHOR/EXEC: Processing AV service=shell

Jan 21 13:47:38.566: AAA/AUTHOR/EXEC: Processing AV cmd*

Jan 21 13:47:38.566: AAA/AUTHOR/EXEC: Processing AV priv-lvl=15

Jan 21 13:47:38.566: AAA/AUTHOR/EXEC: Authorization successful

Jan 21 13:47:40.790: tty3 AAA/AUTHOR/CMD (1219681448): Port='tty3' list='vty' service=CMD

Jan 21 13:47:40.790: AAA/AUTHOR/CMD: tty3 (1219681448) user='username'

Jan 21 13:47:40.790: tty3 AAA/AUTHOR/CMD (1219681448): send AV service=shell

Jan 21 13:47:40.790: tty3 AAA/AUTHOR/CMD (1219681448): send AV cmd=configure

Jan 21 13:47:40.790: tty3 AAA/AUTHOR/CMD (1219681448): send AV cmd-arg=terminal

Jan 21 13:47:40.790: tty3 AAA/AUTHOR/CMD (1219681448): send AV cmd-arg=

Jan 21 13:47:40.790: tty3 AAA/AUTHOR/CMD (1219681448): found list "vty"

Jan 21 13:47:40.790: tty3 AAA/AUTHOR/CMD (1219681448): Method=tacacs+ (tacacs+)

Jan 21 13:47:40.790: AAA/AUTHOR/TAC+: (1219681448): user=username

Jan 21 13:47:40.790: AAA/AUTHOR/TAC+: (1219681448): send AV service=shell

Jan 21 13:47:40.790: AAA/AUTHOR/TAC+: (1219681448): send AV cmd=configure

Jan 21 13:47:40.790: AAA/AUTHOR/TAC+: (1219681448): send AV cmd-arg=terminal

Jan 21 13:47:40.790: AAA/AUTHOR/TAC+: (1219681448): send AV cmd-arg=

Jan 21 13:47:40.994: AAA/AUTHOR (1219681448): Post authorization status = PASS_ADD

Jan 21 13:47:45.006: AAA: parse name=tty4 idb type=-1 tty=-1

Jan 21 13:47:45.006: AAA: name=tty4 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=4 channel=0

Jan 21 13:47:45.006: AAA/MEMORY: create_user (0x62AAF52C) user='' ruser='' port='tty4' rem_addr='x.x.x.x' authen_type=ASCII service=LOGIN priv=1

Jan 21 13:47:45.606: AAA/MEMORY: free_user (0x62AAF52C) user='' ruser='' port='tty4' rem_addr='x.x.x.x' authen_type=ASCII service=LOGIN priv=1

Jan 21 13:47:47.490: tty3 AAA/AUTHOR/CMD (1403778660): Port='tty3' list='vty' service=CMD

Jan 21 13:47:47.490: AAA/AUTHOR/CMD: tty3 (1403778660) user='username'

Jan 21 13:47:47.490: tty3 AAA/AUTHOR/CMD (1403778660): send AV service=shell

Jan 21 13:47:47.490: tty3 AAA/AUTHOR/CMD (1403778660): send AV cmd=line

Jan 21 13:47:47.490: tty3 AAA/AUTHOR/CMD (1403778660): send AV cmd-arg=vty

Jan 21 13:47:47.490: tty3 AAA/AUTHOR/CMD (1403778660): send AV cmd-arg=0

Jan 21 13:47:47.490: tty3 AAA/AUTHOR/CMD (1403778660): send AV cmd-arg=4

Jan 21 13:47:47.490: tty3 AAA/AUTHOR/CMD (1403778660): send AV cmd-arg=

Jan 21 13:47:47.490: tty3 AAA/AUTHOR/CMD (1403778660): found list "vty"

Jan 21 13:47:47.490: tty3 AAA/AUTHOR/CMD (1403778660): Method=tacacs+ (tacacs+)

Jan 21 13:47:47.490: AAA/AUTHOR/TAC+: (1403778660): user=username

Jan 21 13:47:47.490: AAA/AUTHOR/TAC+: (1403778660): send AV service=shell

Jan 21 13:47:47.494: AAA/AUTHOR/TAC+: (1403778660): send AV cmd=line

Jan 21 13:47:47.494: AAA/AUTHOR/TAC+: (1403778660): send AV cmd-arg=vty

Jan 21 13:47:47.494: AAA/AUTHOR/TAC+: (1403778660): send AV cmd-arg=0

Jan 21 13:47:47.494: AAA/AUTHOR/TAC+: (1403778660): send AV cmd-arg=4

Jan 21 13:47:47.494: AAA/AUTHOR/TAC+: (1403778660): send AV cmd-arg=

Jan 21 13:47:47.694: AAA/AUTHOR (1403778660): Post authorization status = PASS_ADD

Jan 21 13:48:09.890: %SYS-5-CONFIG_I: Configured from console by username on vty1 (x.x.x.x)