Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
423
Views
5
Helpful
2
Replies

Does TACACS+ Authorisation work with console?

rajesh1331
Level 1
Level 1

‎12-15-2008 12:02 AM - edited ‎03-10-2019 04:14 PM

Hi.

I havce configured routers fo ACS Login with 2 users with different Privilage level. When I log in through telnet it works fine with different privilage level, but when i log in through console the authorisation does not take place properly and i get all privilages for users with lesser privilages also.

All my authorisation is also done in ACS.

Labels:
0 Helpful
2 Replies 2

Collin Clark
VIP Alumni
VIP Alumni

‎12-15-2008 06:15 AM

Yes in can work with console access, I have it working.

Hope that helps.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Collin Clark

‎12-15-2008 02:49 PM

Rajesh

There is a reason that it is not working for you and a way to get it to work. It is not working for you because by default authorization does not process on the console connection. Cisco does this as a safety mechanism, because if you configure authorization and get it wrong you can lock yourself out of the router. If authorization does not process on the console then you have a way to recover without needing to blow away the config and recreate it.

If you want authorization to process on the console and you are willing to live with the risk then you can enable authorization on the console using this command:

aaa authorization console

HTH

Rick

HTH

Rick
Customers Also Viewed These Support Documents