Comware

 View Only
Back to discussions
Expand all | Collapse all

Configuration help for : Procurve 2524,ssh,tacacs and enable mode - needed

This thread has been viewed 0 times

  • 1.  Configuration help for : Procurve 2524,ssh,tacacs and enable mode - needed

    Posted Apr 22, 2009 03:28 AM
    Hi all,

    the login login to a Procure 2524 via ssh and tacacs is working well, but I am not able to switch to the enable mode automatic.

    On Procurve 2626, 2650 for example it works with "aaa authentication login privilege-mode", but this command is not present on the 2524.

    The following is configured at the moment for aaa authentivation:
    1. aaa authentication console login tacacs local
    2. aaa authentication telnet login tacacs local
    3. aaa authentication ssh login tacacs local


    Any idea?


  • 2.  RE: Configuration help for : Procurve 2524,ssh,tacacs and enable mode - needed

    Posted Apr 22, 2009 05:36 AM
    it is different for the 2524:

    from the F_05_55 relnotes:

    Note on Privilege Levels:
    When a TACACS+ server authenticates an access request from a switch, it includes a privilege level code for the switch to use in determining which privilege level to grant to the terminal requesting access. The switch interprets a privilege level code of "15" as authorization for the Manager (read/write) privilege level access. Privilege level codes of 14 and lower result in Operator (read-only) access. Thus, when configuring the TACACS+ server response to a request that includes a username/password pair that should have Manager privileges, you must use a privilege level of 15. For more on this topic, refer to the documentation you received with your TACACS+ server application.

    hth...jeff


  • 3.  RE: Configuration help for : Procurve 2524,ssh,tacacs and enable mode - needed

    Posted Apr 23, 2009 05:13 AM
    Thank you for the quick answer. I will have a look and ask the Tacacs Admin.


Related Content