AAA reconfig

Discussion in 'Cisco' started by Branigan, Jan 17, 2006.

  1. Branigan

    Branigan Guest

    I have some routers someone turned over that had a previous AAA
    configuration. This was removed with no aaa-newmodel. When I enabled the
    new-model and created my own configuration the former stuff seemed to come
    back and lock me out. I shut down the tacacs server for a moment and got in,
    but all of their configuration for aaa was back in. Is there a way to remove
    the aaa config with reseting the router, so I dont get caught like this
    again?

    thx,
    Branigan, Jan 17, 2006
    #1
    1. Advertising

  2. Branigan

    Alf Guest

    You have to remover the lines using the no command. The no aaa
    new-model does nothing more than act like an on off switch for tacacs.
    Hope this helps!!
    Alf, Jan 17, 2006
    #2
    1. Advertising

  3. Branigan

    Branigan Guest

    Alf,
    i know that, but what happens is we have taken over some routers from
    another company. they had aaa config, which cannot be seen until you turn on
    aaa new-model. when you turn on aaa new-model their old stuff comes up and
    locks you our of the router/switch. I guess the best way to beat this is to
    just configure one at a time and use the method I described before. ie.
    shutdown the tacacs server.


    "Alf" <12.wi.us> wrote in message
    news:...
    > You have to remover the lines using the no command. The no aaa
    > new-model does nothing more than act like an on off switch for tacacs.
    > Hope this helps!!
    >
    Branigan, Jan 17, 2006
    #3
  4. Branigan

    Vivek Guest

    They must have command authorization enabled in the config. Thats the only
    way you can be locked out after being logged in also.

    Create a blank command authorization set and apply it to a user/group. This
    should help you.
    Vivek, Jan 19, 2006
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Andy Gray
    Replies:
    7
    Views:
    509
    Andy Gray
    Oct 29, 2003
  2. Michael Shiah

    aaa authorization exec|commands|network

    Michael Shiah, Oct 21, 2003, in forum: Cisco
    Replies:
    0
    Views:
    575
    Michael Shiah
    Oct 21, 2003
  3. SKY
    Replies:
    0
    Views:
    473
  4. SysAdm

    bgp soft reconfig

    SysAdm, Nov 28, 2004, in forum: Cisco
    Replies:
    0
    Views:
    1,442
    SysAdm
    Nov 28, 2004
  5. Chris_D
    Replies:
    4
    Views:
    3,399
    Chris_D
    Aug 1, 2005
Loading...

Share This Page