From: V Shekhar (vshekhar25@yahoo.com)
Date: Thu Jan 11 2007 - 06:32:01 ART
Thanx to Ivan for pointing a TYPO .PLease disregard my prev post The corrected version is below:
I have noticed one thing that is.
+++++++++++++++++++++++++++++++++++++++++++++++++++
Case 1: Local authorization.
aaa authentication login VTY_AUTH_LOCAL local
aaa authorization exec VTY_AUTHOR_LOCAL local
username USER5 password PASS5
username USER5 priviledge 5
line vty 0 4
login authentication VTY_AUTH_LOCAL
authorization exec VTY_AUTHOR_LOCAL
when USER5 telnets to the router he is in privilegde leve 5 directly.
++++++++++++++++++++++++++++++++++++++++++++++++++++
Case 2 Remote authorization
aaa authentication login VTY_AUTH_TAC group tacacs+
aaa authorization exec VTY_AUTHOR_TAC group tacacs+
tacacs-server host x.x.x.x key SECRET
line vty 0 4
login authentication VTY_AUTH_TAC
authorization exec VTY_AUTHOR_TAC
user5 created on ACS with "MAX PRIV=5"
when USER5 logs into the router he is initially @ a priv level1 he needs to issue "en 5" to move to priv level5
why is this diff? is ther a way to land the user to priov level 5 directly?
Thanx,
-sHekHar.
CCSP/CISSP/RHCE.
This archive was generated by hypermail 2.1.4 : Thu Feb 08 2007 - 23:46:56 ART