Tuesday, September 17, 2019

Huawei & Tacacs

Anyone got a Huawei and tacacs authorization working properly?

I have it all setup and can log in, but but I'm only logged in with priv level 1 despite setting the authorization to 15 in aaa config

authorization-cmd 15 hwtacacs local

complete AAA config is below

hwtacacs-server template telnetusers

hwtacacs-server authentication x.x.x.x

hwtacacs-server authorization x.x.x.x

hwtacacs-server accounting x.x.x.x

hwtacacs-server shared-key cipher xxxxxxxxx

!

aaa

authentication-scheme tacacs+

authentication-mode hwtacacs local

ssh authentication-type default password

!

aaa

authorization-scheme tacacs+

authorization-mode hwtacacs local

authorization-cmd 15 hwtacacs local

!

aaa

accounting-scheme tacacs+

accounting-mode hwtacacs

recording-scheme tacacs+

recording-mode hwtacacs tacacs+

cmd recording-scheme tacacs+

aaa

domain tacacs+ admin

authentication-scheme tacacs+

authorization-scheme tacacs+

hwtacacs-server telnetusers



No comments:

Post a Comment