AAA Q: aaa-new model local auth Vs local user database auth
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-24-2011 10:58 AM - edited 03-04-2019 12:48 PM
Hello everybody,
I posted this query in 'AAA' secition but no answers.. so posting here for quick answer ;-).
Trying to figure out if there is any major difference between..
1. enabling 'aaa' with local database authentication
!
aaa new-model
username username1 password password
aaa authentication login default local
!
line con 0
login
!
Vs
2. Creating a local username with full privileges..
username privi 15 secret password
!
line con 0
login local
priv-level 15
!
TIA
MS
- Labels:
-
Other Routing
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-24-2011 12:13 PM
Hi,
First off, "aaa authentication login default" is applied to all login connections such as tty,console.
1. Your first option,you will be prompted as router>. You're in privilege level 1. No matter what privilege level you have defined for each user.
2. For your second option, local authentication is only applied on line console 0. Privilege level 15 is applied within line console 0 won't take any effect in this case. The device will use privilege level defined for each user.
HTH,
Toshi
