From: Brian Dennis (bdennis@internetworkexpert.com)
Date: Tue Aug 07 2007 - 00:37:41 ART
Try adding this command to the global configuration:
aaa authorization console
Brian Dennis, CCIE4 #2210 (R&S/ISP-Dial/Security/SP)
bdennis@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)
On Aug 6, 2007, at 3:35 PM, Toh Soon, Lim wrote:
> Hi Group,
>
> I'm facing an issue with the following AAA config:
>
> !
> aaa new-model
> aaa authentication login default local-case
> aaa authorization exec default local
> !
> username user1 privilege 15 secret cisco123
> !
> line con 0
> password cisco123
> !
> line vty 0 4
> password cisco123
> !
>
> When I telnet to the router and log in as user1, I'm put to
> privileged EXEC
> mode (Router# prompt). However, when I console and log in as user1,
> I'm only
> put to user EXEC mode (Router> prompt). I have to type enable and
> provide
> the enable secret password to get to Level 15. What am I missing here?
>
> I resolve the issue by adding the global command "aaa authorization
> console". Advise me if this is the right thing to do.
>
> I'm kinda confused with the command reference in DocCD that says:
>
> This command (aaa authorization console) by itself does not turn on
> authorization of the console line. It needs to be used in
> conjunction with
> the authorization command under console line configurations.
>
>
> Thank you.
>
> B.Rgds,
> Lim TS
>
> ______________________________________________________________________
> _
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Sep 01 2007 - 11:32:09 ART