AAA Router commands 1

[CCNA2]

Hello,

I am studying for CCSP and I am currently working on 642-501 SECUR. I wish I had a router or could find a simulator with supported AAA commands, but I haven't been that lucky, so I hope someone here can help me.

My question:

Using this command for example on a 2600 router:
"aaa authorization config-commands default local"
This should specify to look in the local db on the NAS/Router for this specific authorization. But how is it connected with the user. I mean if the command "username joe password clock" has been used, then there is configured a user with priv. level 1 right? Who gets the config-commands authorization and how? Should the user be chained together with the list-name somehow?

I really hope someone can help.

Thank You.

Kind regards,

Thomas

 

[routerman]

What happens is:

user logs into NAS, the aaa configuration is told to match the user against the local database. So when user logs in using a username and password thats in the local database he gets access. You cannot chain the username entry with the list name.

Best of luck with CCSP, I got mine 5 weeks ago.

 

[CCNA2]

Hi routerman,

Thanks for your reply and congratulations on your CCSP.

If I understand your answer correctly, the following command doesn't do anything: "aaa authorization config-commands default local" Because the local users have their own individual type of access right? Or can they get group privileges?

Thanks

Thomas.