is "login authentication" in global configuration a valid command? I thought login authentication can only be applied to the console and vty lines. how does this question indicate that the someone is logging into the console? A is the only valid command (aaa is used to create method lists in global configuration)
Ref: Console authorization issue - Cisco Community
Post by James Horne (12-17-2015 05:37 PM)
What’s missing here is the aaa authorization console command.
A. Configure aaa authorization console global command
Correct answer.
B. Configure aaa authorization console command on line vty 0 4
Wrong answer.
C. Configure aaa authorization login command on line console 0
Wrong answer.
D. Configure aaa authorization login command on line vty 0 4
Wrong answer.
Agree A really does nothing to fix this issue. It is a bad question with missing config information needed to actually troubleshoot this. However, the only answer that is a command that can be configured is the one shown in answer A (aaa authorization console in global config mode), so only for that reason if I would pick A. (there are "aaa authentication login" commands, but no "aaa authorization login" commands, and even the "aaa authentication login" commands are done in global config, not on the lines.) at least not on the IOS's I have seen.
"AAA authorization is disabled on the console by default. If AAA authorization is enabled on the console, disable it by configuring the no aaa authorization console command during the AAA configuration stage. AAA should be disabled on the console for user authentication."
And yet if you read the full thread ( https://community.cisco.com/t5/network-access-control/console-authorization-issue/td-p/2492619 ), the solution was NOT A...
A did nothing to fix the issue, in the end the whole AAA config on the system had to be reconfigured
Debug says auth pick method was list default which implies that the user is connected to the console port. Of the answers listed only A would resolve the issue
if the default method is chosen, how does that imply the used is connected to the console port?
upvoted 1 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
[Removed]
6 months agokldoyle97
6 months, 3 weeks agointeldarvid
1 year, 6 months ago[Removed]
2 years, 5 months agototo2
2 years, 10 months agowts
2 years, 10 months agobogd
2 years, 11 months agoHungarianDish_111
1 year, 8 months agomyrmike
3 years, 1 month agoCiscoTerminator
1 month agokldoyle97
6 months, 3 weeks ago