[c-nsp] TACACS+ for console problem

ambedkar p_ambedkar at rediffmail.com
Mon May 31 00:17:56 EDT 2010


Yeah, thats true, it is login not line.  But the problem is same

line con 0
> password cisco
> line authentication CONSOLE.

Shouldn't it be "login authentication CONSOLE" ?

Hi, i am using TACACS+ for my Network. After configuring the device, if i want to login through the console, it is not taking any password and continuosly showing " Con 0 is available".

These are my commands used:
aaa new-model

aaa authentication login default group tacacs+ line

aaa authentication enable default group tacacs+ enable

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization commands 15 default group tacacs+ if-authenticated

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+


tacacs-server host ip add.
tacacs-server key [Key].

After searching in the internet, i got one solution says use the named list as below.

aaa authentication login CONSOLE line
&

line con 0
password cisco
login authentication CONSOLE.

With this configuration, i am able to login the switch, but it is taking the console password instead of line password which is defined in the command.

Then, i have tested the command :
aaa authentication login CONSOLE none.

Which means no authentication required, but it still asking for the password, which is console password.

Then i have removed aaa commands from config mode and line console mode.
i have used only console password. still it is working, then what is the significance of aaa commands for console.

please give your suggestions.

thanks in advance.

P.Ambedkar.


More information about the cisco-nsp mailing list