03-15-2012 09:08 PM - edited 03-04-2019 03:41 PM
HI ,
I have configured the TACACS in my network and I have configured the aaa authorization commands 15 default if-authenticated group tacacs+ in Cisco 6504 Switch. Its allowing me to Login by Unable to run the Sh run commands ,i am getting Aithorization error emssage. If i am checking sh Privillage its showing level 15. Same configuration fine in other device with out issue.
aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authentication ppp default local
aaa authorization commands 15 default if-authenticated group tacacs+
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
Please help me on this, this is my core switch so i am not able to reload ....
03-15-2012 09:17 PM
Hi Thiru,
This are the few comds which we use mostly.
aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization config-commands
aaa authorization exec default group tacacs+ local if-authenticated
aaa authorization commands 1 default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ local if-authenticated
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
hope it works.
Regards,
Satya.M
03-16-2012 04:12 PM
Hi Satya,
Thanks for your response , The thing is i am unable to configuration terminal with Locla / Tacacs user ID. I am not able to do any chnages and moreover this my Core Swith , hence i am not able reload . So can you advise me to do sometime ??
Regards
Thiru
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide