Here are my entire users DataBase:
Code:
server ~ # cat /etc/raddb/users
username Cleartext-Password := "letmein"
Service-Type = Nas-Prompt-User,
Cisco-Avpair = "shell:priv-lvl=15"
rview Cleartext-Password := "rview"
Service-Type = NAS-Prompt-User,
cisco-avpair = "shell:priv-lvl=0"
DEFAULT Group == "disabled", Auth-Type := Reject
Reply-Message = "Your account has been disabled."
___AND___
Code:
aaa new-model
!
!
aaa authentication login default group radius local
aaa authentication login CON group radius local none
aaa authorization exec default group radius local
!
line con 0
privilege level 15
logging synchronous
login authentication CON
My user gets in fine at level 15, and the user goes in at user mode, and needs to drop in the empower secret word to empower up. But also for enjoyment, I actually attempted it with and without the concession level 15. It had no impact either way.
Bookmarks