cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
276
Views
4
Helpful
1
Replies
illusion_rox
Beginner

acs 4.1 authorization for level 15 !!

hi all, i am currently using acs 3.3 (windows) but i am not able to restrict users assigned to level 15 from issuing certain commands. Someone told me this is possible in acs4.1 so do i have to configure normal authorization on acs 4.1 and it will be applied to level 15 or do i need to do some special config on acs/router ?

Kindly guide me

1 REPLY 1
amritpatek
Frequent Contributor

In addition to your preset configuration, these commands are required on an IOS router or switch in order to implement command authorization through an ACS server:

aaa new-model

aaa authorization config-commands

aaa authorization commands 0 default group tacacs+ local

aaa authorization commands 1 default group tacacs+ local

aaa authorization commands 15 default group tacacs+ local

tacacs-server host A.B.C.D

tacacs-server key cisco123

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml#backinfo