|
|
Most BootFlash images do not recognize all Cisco IOS aaa commands. As a result, invoking a BootFlash image can lead to a password recovery situation unless the Cisco IOS fragments listed in this appendix are used to disable AAA. One example of a situation requiring the inclusion of this configuration is a software image upgrade for a Cisco AS5200 access server.
Include the following Cisco IOS commands to disable AAA authentication and authorization on the console and VTY ports of a NAS:
aaa authentication login NO_AUTHENT none aaa authorization exec NO_AUTHOR none aaa authorization commands 15 NO_AUTHOR none line con 0 authorization exec NO_AUTHOR login authentication NO_AUTHENT authorization commands 15 NO_AUTHOR line vty 0 4 authorization commands 15 NO_AUTHOR authorization exec NO_AUTHOR login authentication NO_AUTHENT
 |
Note Refer to "4.6 Implementing Server-Based TACACS+ Router Authorization" for related implementation information. |
Posted: Fri Jun 2 19:52:41 PDT 2000
Copyright 1989 - 2000©Cisco Systems Inc.