Re: Difficult Req : vty use tacacs for enable password but

What about using enable for the line con?
 
aaa authen login mycon enable
aaa
authen login myvty line
line con 0
 login authen mycon
line vty 0 15
 login
authen myvty
 pass cisco
 login priv 15
 
This would use the enable for the
console, and cisco for the user mode, but take you right to priv 15.
 
Regards,
Jay McMickle- 3x CCNP (R&S,Security,Design), CCIE #35355 (R&S)
 
From: Carlos G Mendioroz <tron_at_huapi.ba.ar>
To: Mohammad Mousa
<mohd-mousa_at_hotmail.com>
Cc: jay.mcmickle_at_yahoo.com; jeremy.cool14_at_gmail.com;
ccielab_at_groupstudy.com
Sent: Monday, October 8, 2012 11:01 AM
Subject: Re:
Difficult Req : vty use tacacs for enable password but console not using
tacacs for enable.??????

I think that what he wants is console "enable"
password to be different.
I don't know if that's possible...
-Carlos

Mohammad
Mousa @ 08/10/2012 12:55 -0300 dixit:
> Hi Jeremy, You can do it like this :
aaa new-model
> aaa authentication login MYCON line
> aaa authentication login
MYVTY enable
> line con 0
> login authentication MYCON
> line vty 0 4login
authentication MYVTY HTH,
>
>
>> Regards,
>> Jay McMickle- CCIE #35355 (RS),
3x CCNP (RS,Security,Design)
>> Sent from my iPhone
>>
>> On Oct 8, 2012, at
1:39 AM, jeremy co <jeremy.cool14_at_gmail.com> wrote:
>>
>>> Hi,
>>>
>>> Is
there any way that I can get all of the vty lines usgin tacacs for
>>> enable
password but console excluded from this ?
>>>
>>>
>>> Problem is "aaa
authentication enable default .... " applies to "default"
>>> , so Im not sure
how to achieve this requirement.
>>>
>>>
>>> Thanks
>>>
>>>
>>> Blogs and
organic groups at http://www.ccie.net
>>>
>>>
Received on Mon Oct 08 2012 - 18:28:31 ART