From: Toh Soon, Lim (tohsoon28@gmail.com)
Date: Mon Aug 06 2007 - 19:35:33 ART
Hi Group,
I'm facing an issue with the following AAA config:
!
aaa new-model
aaa authentication login default local-case
aaa authorization exec default local
!
username user1 privilege 15 secret cisco123
!
line con 0
password cisco123
!
line vty 0 4
password cisco123
!
When I telnet to the router and log in as user1, I'm put to privileged EXEC
mode (Router# prompt). However, when I console and log in as user1, I'm only
put to user EXEC mode (Router> prompt). I have to type enable and provide
the enable secret password to get to Level 15. What am I missing here?
I resolve the issue by adding the global command "aaa authorization
console". Advise me if this is the right thing to do.
I'm kinda confused with the command reference in DocCD that says:
This command (aaa authorization console) by itself does not turn on
authorization of the console line. It needs to be used in conjunction with
the authorization command under console line configurations.
Thank you.
B.Rgds,
Lim TS
This archive was generated by hypermail 2.1.4 : Sat Sep 01 2007 - 11:32:09 ART