05-11-2019 06:43 AM
Hi,
I tried to configure the TACACS and I forget to add local command for authorization commands.
Now I can login to switch(Nexus 7009) but when I type any command I got authorization error.
Error: AAA authorization failed AAA_AUTHOR_STATUS_METHOD=17(0x11)
I just want to know is can I go and config from console or not?
Thanks for your advise.
tacacs-server directed-request
aaa authentication login default group TACACS
aaa authentication login console group TACACS
aaa authorization commands default group TACACS
aaa authentication login default fallback error local
aaa accounting default group TACACS
aaa authentication login error-enable
05-11-2019 06:56 AM
Depends on how your vty configured, if you have not activate VTY access to use TACACS/Radius you can login.
Other option to to TACACS/RADIUS, remove this device from the enable list, so you can access locally. since Radius/TACACS not accessable.
05-11-2019 07:01 AM
I don't configure anything on VTY so if I login in via console directly to device my local access should be ok rite?
Thanks
05-11-2019 08:23 AM
yes should be ok. Try and .post us any errors or difficulties.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide