Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
369
Views
0
Helpful
1
Replies

console line enable aaa issue

Mitchell Theriot
Level 1
Level 1

‎10-25-2019 10:34 AM

I need certain users to authentication their enable password against our TACACS server. To do so I issued: "aaa authentication enable default group TACACS enable" I also want my console line to use the line password and then the local enable password. I have entered : aaa authentication login console line line con 0 password ******* line authentication console The issue is when I make a console connection it prompts me for the line password which works correctly, however then to get to level 15 I type enable and it prompts me for a username. This is because I have the enable default group pointed to the TACACS server first. You cannot create another enable group outside of the default group. Is there a way I can force the console line to instead use the local enable password?
Labels:
0 Helpful
1 Reply 1

Mitchell Theriot
Level 1
Level 1

‎10-25-2019 10:50 AM

I figured this out. My only two options are to either raise the privilege level on the console line to 15 or create a console username and password with level 15 access and make the console use the local database. Not a perfect situation as the console user never gets prompted for an enable password for an added layer of security.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card