Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2522
Views
5
Helpful
9
Replies

aaa authorization doesn't work in 15.0.1-SE

Roman Rodichev
Level 7
Level 7

‎08-14-2011 04:18 PM - edited ‎03-07-2019 01:42 AM

c3750e-universalk9-tar.150-1.SE on 3750x

username cisco privilege 15 secret cico

aaa new-model        

aaa authentication login default local

aaa authorization console

aaa authorization exec default local

!

line con 0

line vty 0 15

Console and telnet don't seem to auto authorize to level 15, I end up at level 1, I'm forced to use enable command.

Rolling back to c3750e-universalk9-mz.122-58.SE2 fixes it.

Going back to c3750e-universalk9-tar.150-1.SE breaks it again.

is there some new behavior in cat 15 code (couldn't find it in config guide)? maybe a bug (couldn't find one)?

Labels:
0 Helpful
9 Replies 9

Leo Laohoo
Hall of Fame
Hall of Fame

‎08-14-2011 04:19 PM

Nice find Roman. 

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎08-15-2011 03:36 PM

Hey Roman,

Can you let us know what you find out with TAC?

Best Regards/Leo

0 Helpful

Roman Rodichev
Level 7
Level 7
In response to Leo Laohoo

‎08-15-2011 03:44 PM

I will. TAC engineer is trying to lab it.

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to Roman Rodichev

‎08-15-2011 03:51 PM 

I will. TAC engineer is trying to lab it.

I can't wait for you to spring TAC and say "SURPRISE!!!". 

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to Roman Rodichev

‎08-31-2011 02:36 AM

Hey Roman,

Any updates?

0 Helpful

Roman Rodichev
Level 7
Level 7
In response to Leo Laohoo

‎08-31-2011 04:41 AM

Defect CSCts19054

Leo Laohoo
Hall of Fame
Hall of Fame
In response to Roman Rodichev

‎08-31-2011 03:51 PM

Thanks Roman.  It's an internal bug. 

The reason why I'm asking is because I found something else with this version of the IOS.  I've got a number of WS-C2960-48PST.  Some are still running 12.2(58)SE1 and others are running 15.0(1)SE.  Guess what?  The ones running 15.0(1)SE goes NUTS.  Can't telnet/ssh, you can ping, traffic is normal.  You can't console in either.  Tried rebooting the switch and still can't remote access into it (but I can console).

I've got a TAC Case.  I'm suspecting that it's a very, very bad memory leak affecting the 48-PST only.  I've got different models of 2960 and they work fine.

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to Roman Rodichev

‎09-14-2011 06:44 PM

Just an update Roman.

Got a Cisco TAC regarding memory leaks on WS-C2960-48PST.  Cisco TAC was able to replicate the issue as soon as the IOS boot up and without any config.

Based on the wording from TAC, this particular code wasn't tested thoroughly.  So I recommend anyone reading this post to stay away from using 15.0(1). 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card