cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Console authorization is enabled by default on a Cisco Catalyst switch when Cisco IOS version 12.2 is used

1165
Views
0
Helpful
0
Comments

Core issue

This issue is documented in Cisco bug ID CSCeb08860.

Console authorization is incorrectly enabled by default in the console. A login from the console fails with this configuration due to an authorization failure:aaa

    new-model
  aaa authentication login default local
  aaa authentication login no_tacacs none
  aaa authorization exec default local
  line con 0
  login authentication no_tacacs

Resolution

In order to resolve this issue, perform one of these steps:

  • Explicitly configure for no authorization with this configuration:

           aaa authorization exec no_tacacs none
           line con 0

      authorization exec no_tacacs

  • Download and upgrade the Cisco IOS  version to any one of these versions:

  • 12.3(4.2)

  • 12.2(20.4)

  • 12.3(4.4)B

  • 12.2(20.4)S

  • 12.3(5.5)T

  • 12.3(7)XI

  • 12.2(27)SBA

  • 12.2(27)SBB