Cisco WS-C4003 Software Guide - Page 406
Enabling TACACS+ Authorization
View all Cisco WS-C4003 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 406 highlights
Configuring Authorization Chapter 27 Configuring Switch Access Using AAA Enabling TACACS+ Authorization To enable TACACS+ authorization on the switch, perform this task in privileged mode: Step 1 Step 2 Step 3 Step 4 Task Command Enable authorization for normal login mode. Use the console or telnet keywords if you want to enable authorization only for console port or Telnet connection attempts. Use the both keyword to enable authorization for both console port and Telnet connection attempts. set authorization exec enable {option} {fallbackoption} [console | telnet | both] Enable authorization for enable mode. Use the console or telnet keywords if you want to enable authorization only for console port or Telnet connection attempts. Use the both keyword to enable authorization for both console port and Telnet connection attempts. set authorization enable enable {option} {fallbackoption} [console | telnet | both] Enable authorization of configuration commands. Use the console or telnet keywords if you want to enable authorization only for console port or Telnet connection attempts. Use the both keyword to enable authorization for both console port and Telnet connection attempts. set authorization commands enable {config | all} [option} {fallbackoption} [console | telnet | both] Verify the TACACS+ authorization configuration. show authorization This example shows how to enable TACACS+ EXEC mode authorization for both console and Telnet connections. Authorization is configured with the tacacs+ option. The fallback option is deny: Console> (enable) set authorization exec enable tacacs+ deny both Successfully enabled enable authorization. Console> This example shows how to enable TACACS+ enable mode authorization for console and Telnet connections. Authorization is configured with the tacacs+ option. The fallback option is deny: Console> (enable) set authorization enable enable tacacs+ deny both Successfully enabled enable authorization. Console> This example shows how to enable TACACS+ command authorization for both console and Telnet connections. Authorization is configured with the tacacs+ option. The fallback option is deny: Console> (enable) set authorization commands enable config tacacs+ deny both Successfully enabled commands authorization. Console> (enable) This example shows how to verify the configuration: Console> (enable) show authorization Telnet: ------- Primary Fallback exec: tacacs+ deny enable: tacacs+ deny commands: config: tacacs+ deny 27-52 Software Configuration Guide-Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4 78-12647-02