06-16-2005 09:53 AM
I am using the local database for AAA but when you log into the console and you enter the username and password it doesn't put you into level 15 like the telnet and http sessions. Any suggestions?
06-17-2005 07:52 AM
To log in to the router and go directly to level 15 access is a combination of the authentication and authorization functions. As it has been explained to me, Cisco implements that functionality for remote access but does not implement it for access via the console. This is mostly a safety issue. If you misconfigure something in authentication or authorization and lock yourself out of the vty ports, it is one thing. If you lock yourself out of the console, it is something much more serious. So to minimize the opportunity to lock out the console, they do not do the authentication/authorization on the console.
HTH
Rick
06-17-2005 09:29 AM
Ahhhh. So you must have an enable pass or secret at all times. I said no enable pass and secret so it doesn't let me in through the console to level 15 because it says there is no password set. If they were worried about what you said above, I found a way around their safety. Also, if that is the case then when you enter level 15 using the console after logging in to the console using the AAA then does it still log that particular user?
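An IOS configuration for the setup discussed in this thread, added here as an example and not posted by any participant. It assumes an IOS release that accepts `aaa authorization console`; the username and both secrets are placeholders.

```cisco
! Constructed example. Replace the placeholders before use.
aaa new-model
!
! Local user database. The privilege level is what exec authorization
! hands to the session once the login succeeds.
username admin privilege 15 secret <PLACEHOLDER-USER-SECRET>
!
! Keep an enable secret as a fallback path to level 15, so a mistake
! in the AAA lists does not leave the console without privileged access.
enable secret <PLACEHOLDER-ENABLE-SECRET>
!
! Authentication decides who may log in.
aaa authentication login default local
!
! Exec authorization decides the privilege level the session starts at.
! On its own this applies to vty (telnet) sessions, not to the console.
aaa authorization exec default local
!
! Explicit opt-in: apply exec authorization to console sessions as well.
aaa authorization console
!
line con 0
 login authentication default
line vty 0 4
 login authentication default
```

Apply changes like this from a vty session while an already-authenticated console session stays open, and confirm a fresh console login reaches the expected level before saving the configuration.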