[c-nsp] aaa different for console logins? - Jon Lewis - net.nether.puck.cisco-nsp

10 messages in net.nether.puck.cisco-nsp[c-nsp] aaa different for console log...

From	Sent On	Attachments
Jon Lewis	Jan 11, 2005 2:17 pm
Jon Lewis	Jan 11, 2005 3:08 pm
Oliver Boehmer (oboehmer)	Jan 11, 2005 3:34 pm
John Lyons	Jan 11, 2005 3:50 pm
Jon Lewis	Jan 11, 2005 8:50 pm
Oliver Boehmer (oboehmer)	Jan 12, 2005 4:11 am
Jon Lewis	Jan 12, 2005 7:04 am
Oliver Boehmer (oboehmer)	Jan 12, 2005 7:36 am
Jon Lewis	Jan 12, 2005 8:18 am
Oliver Boehmer (oboehmer)	Jan 12, 2005 8:30 am

	Permalink for this message Paste this link in email or IM:
	Permalink for this thread Paste this link in email or IM:
	Atom feed for this thread Paste this URL into your reader:

Subject:	[c-nsp] aaa different for console logins?	Actions...
From:	Jon Lewis (jle...@lewis.org)
Date:	Jan 11, 2005 3:08:37 pm
List:	net.nether.puck.cisco-nsp

On Tue, 11 Jan 2005, Josh Duffek wrote:

joshd(config)#line con 0 joshd(config-line)#authorization exec ? WORD Use an authorization list with this name default Use the default authorization list

That doesn't appear to make a difference.

aaa new-model aaa authentication login default group radius local aaa authentication login console group radius local aaa authorization exec default group radius local aaa authorization exec console group radius local aaa accounting exec default start-stop group radius ... line con 0 authorization exec console login authentication console line vty 0 4 ! end

Without any config in the vty 0 4 section, having set the login and exec defaults suffices. Even with the above console additions, console logins still only get exec (rather than enable) access.

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets
	Permalink to these results Paste this link in email or IM:
	Atom feed for tracking future search results Paste this URL into your reader: