[c-nsp] AAA authorization exec

Ebben Aries Ebben.Aries at albertsons.com
Tue Mar 21 12:25:48 EST 2006


If you use a 'default' list, it will be applied to the console line as
well.  Good rule of thumb if you do not want any
authentication/authorization on your console line is to use named method
lists and apply them specifically to your console/aux/vty lines

...
MoGoIT

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Kanagaraj
Krishna
Sent: Tuesday, March 21, 2006 9:55 AM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] AAA authorization exec

Hi,
   I've been exploring all the commands available for AAA authorization
for my 
tacacs+ setup (7206VXR). One of the commands tried out was 

"aaa authorization exec default group tacacs+ local"

For your information I've only set AAA for vty connection but realised
that 
with that global command inserted, I'm cut out of console access as
well. Any 
reason for these?

Regards,
Kana
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list