Monday, November 29, 2010

Console login to priv 15

Found out today that I had forgotten how to set the console port to automatically log in a user as priv 15 if they were set that way on their account using a local user database.

I had the typical configuration:

aaa new-model
username cisco privilege 15 password cisco
username test privilege 1 password cisco
aaa authentication login default local
aaa authorization exec default local

However, user cisco would still log in on console as a non-enabled user.

There is an additional command

aaa authorization console required at the global configuration level.


Once I added that line everything works as expected.

User Access Verification

Username: test
Password:

R1>
R1>exit

User Access Verification

Username: cisco
Password:

R1#
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)