Posted on June 20, 2019 7:53 pm
 |  Asked by Warren Granada
 |  78 views
0
0
Print Friendly, PDF & Email

Good day

I have having the following issue, I am setting a up a switch and when I am on the console port I am
able to go into config mode and make updates. The issue comes when I try to ssh/telnet from one
switch to another, I can ssh/telnet with no issue and can preform all the command but when I try to go
into config mode to make updates it tells me I am not authorized. These switches are currently sitting on my
desk so I am assuming once I get these on the network and talking to the TAC server then it will be fine but
I just wanted to be certain. I have the following config what am I missing that will not allow me to go into config mode while they are not connected to the network?

aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ local
aaa authorization exec default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
!
enable secret 5
aaa root secret 5
!
username network privilege 15 secret 5

I login with the network username who has the privilege of 15 so not sure why when I ssh/telnet I cannot
go into config mode.

0
Posted by Aesha Parikh
Answered on June 20, 2019 9:32 pm

Hi Warren,

Change your command to
username network privilege 15 secret 5 xxxxx role network-admin

Default role for any user except admin is network-operator.

Thanks,
Aesha

Hi Aesha

Sorry it looks like I posted the same question twice let me give that a shot and will let you know, thank you sir!!!

(Warren Granada at June 21, 2019 4:32 am)

Post your Answer

You must be logged in to post an answer.