Hello @Zee-Far-Man,
To address your issue with not being able to use your account as privilege level 15 on your Router 4331 despite it showing as such on the AAA server, here are some steps to troubleshoot and resolve the problem.
I tried to understand your situation and came up with some potential reasons and solutions:
1. AAA config on the router: Just ensure that the aaa configuration on the router is correctly set up to use aaa server for authentication and authorization (#show runn | i aaa)
2. Local user account: Verify if there is a local user account with the same username but a different privilege level on the router (sh runn | i username...)
3. Privilege levels config: (show privilege)
4. Authorization issues: Check for any authorization issues or misconfigurations that might be affecting your access. Ensure the router is correctly communicating with the aaa server (debug aaa authentication & debug aaa authorization)
5. Cisco ios version and bugs: There might be a bug in the specific version of the Cisco IOS you are using (you never know LOL).
Steps to restore privilege level 15
1. You need to verify aaa config (#aaa new-model. aaa authentication login default group tacacs+ local. aaa authorization exec default group tacacs+ local)
2. Local uer config, so if you have a local user acc, ensure it is set to privilege level 15.
3. Check and remove conflicting entries.
4. also why not, Test access..... (#show privilege)
Would be much much easier if you would share aaa and vty config.....
Hope this will fix the issue....
E.S
