• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3587
  • Last Modified:

Cisco ASR 1001 and VTY configuration


I am configuring a new Cisco ASR 1001 router, and I am trying to configure ssh authentication access.  As I go into line vt 0 15, and then do "login authentication vty", I get : AAA: Warning authentication list "vty" is not defined for LOGIN.

Can someone give me some detail on this cmd ?  I would like it so that if someone sshes into this router, local IDs go first, and then it goes to AAA server.

1 Solution
conf t
aaa new-model
aaa authentication login default local group tacacs+
aaa authentication enable default local group tacacs+

username test privilege 15 secret 0 password

tacacs-server host x.x.x.x

tacacs-server key abcdefg

line vty 0 15
login authentication default
Elemental12Author Commented:
For your third aaa cmd, I needed to use: aaa authentication enable default group tacacs+.  Once I did that, then the login authentication default took.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now