Removing AAA configuration from a CIsco switch configuration

StewartAlexander0961 · ‎12-14-2020

I have a switch configuration for a CIsco 2960S a text document that I would like to remove the AAA configuration from so it no longer calls any Radius switch and just uses the local login

Looks like I need to remove

aaa new model
aaa authentication login default group radius local
aaa authorization exec default group radius if-authenticated
Radius server "host" and "key" lines
aaa session-id common
line con 0
line vty 0 4
all password lines

Any amendment to this, or further things I should do?

This to be sure I can log into the switch without requiring radius to be up

Reza Sharifi · ‎12-14-2020

Hi,

After removing the AAA config, make sure you have a local username and password configured so you can get back to the switch.

username abcvfvrvr privilege 15 password 7 ccvdvvdvdddv

under the vty line

login local.

Also, I recommend not saving the config after removing AAA configuration until you test and make sure you can get back to the switch with the local username and password before saving the config.

This way, if you can not get back to the switch, you can always reboot it and get back to it with the old config.

HTH

paul driver · ‎12-15-2020

Hello

@StewartAlexander0961 wrote:

I have a switch configuration for a CIsco 2960S a text document that I would like to remove the AAA configuration from so it no longer calls any Radius switch and just uses the local login

Just change the AAA to use local credentials:

aaa new-model
aaa authentication login default local
aaa authorization exec default local if-authenticated

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul