Cisco Console Port Help
Matt Brennan
brennanma at gmail.com
Tue Apr 22 18:32:06 UTC 2025
In addition to the FreeRadius sending the correct parameters, you also need
the correct lines in your IOS config file.
You likely already have "privilege level 15" under your "line vty x y"
config. You will also need to add that to your "line con 0" config.
line con 0
privilege level 15
-Matt
On Fri, 18 Apr 2025 at 02:29, Timothy M Butterworth <
timothy.m.butterworth at gmail.com> wrote:
> Hello,
>
> I have the following configuration and I am having an issue. Logging into a
> VTY line through SSH takes me immediately to enable privileged mode login.
> Logging into Console takes me to a non-privileged mode login and I have to
> enter the Enable Secret Password. How do I get the console to take me
> immediately to enable privileged mode login?
>
> ### Free RADIUS Configuration
> sudo vim /etc/freeradius/3.0/clients.conf
>
> client 10.0.0.0/8 {
> secret = REMOVED
> nastype = cisco
> shortname = Butter.net
> }
>
> ### FreeRADIUS User Config
> sudo vim /etc/freeradius/3.0/users
>
> tmb Cleartext-Password := "REMOVED"
> Service-Type = NAS-Prompt-User,
> Cisco-AVPair = "shell:priv-lvl=15"
>
> # FreeRADIUS group config
>
> DEFAULT Group == "cisco-rw"
> Service-Type = NAS-Prompt-User,
> Cisco-AVPair == 'shell:priv-lvl=15',
> User-Name = tmb
>
> Thanks
>
> Tim
>
>
> --
> ⢀⣴⠾⠻⢶⣦⠀
> ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
> ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/
> ⠈⠳⣄⠀⠀
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list