[c-nsp] aaa different for console logins?
John Lyons
john at techvictim.net
Tue Jan 11 15:50:19 EST 2005
Hi Jon,
> Anyone know why when using aaa for administrative login
> authentication,
> returning Service-Type = Administrative-User will give enable access
> to a
> telnet user, but only exec access to a console login?
>
> aaa new-model
> aaa authentication login default group radius local
> aaa authorization exec default group radius local
> aaa accounting exec default start-stop group radius
It may be worth trying "aaa authorization console" under line console 0
(It's
a hidden command). Console authorisation wasn't added until CSCdi82030
was
implemented.
John
More information about the cisco-nsp
mailing list