[c-nsp] Very Strange AAA behaviour in a 3750 stack
Leif Sawyer
lsawyer at gci.com
Thu Aug 7 11:09:13 EDT 2008
Here's the AAA config on my 3750, which seems to work fine:
aaa new-model
aaa group server tacacs+ Cisco_secure
server 192.168.4.22
!
aaa authentication login default group Cisco_secure enable
aaa authentication enable default enable
aaa authorization exec default group Cisco_secure none
aaa authorization commands 15 default group Cisco_secure none
aaa authorization network default group Cisco_secure none
aaa accounting send stop-record authentication failure
aaa accounting exec default start-stop group Cisco_secure
aaa accounting commands 1 default stop-only group Cisco_secure
aaa accounting commands 15 default stop-only group Cisco_secure
aaa accounting network default start-stop group Cisco_secure
aaa accounting connection default start-stop group Cisco_secure
aaa accounting system default stop-only group Cisco_secure
!
aaa session-id common
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of luismi
> Sent: Thursday, August 07, 2008 5:10 AM
> To: Nic Tjirkalli
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Very Strange AAA behaviour in a 3750 stack
>
> Hi,
>
> I tried the changes you told me, same result.
>
> El jue, 07-08-2008 a las 13:52 +0200, Nic Tjirkalli escribió:
> > aaa authorization commands 1 default local group tacacs+
> > if-authenticated aaa authorization commands 15 default local group
> > tacacs+ if-authenticated
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list