• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3632
  • Last Modified:

Cisco ASR 1001 and VTY configuration


I am configuring a new Cisco ASR 1001 router, and I am trying to configure ssh authentication access.  As I go into line vt 0 15, and then do "login authentication vty", I get : AAA: Warning authentication list "vty" is not defined for LOGIN.

Can someone give me some detail on this cmd ?  I would like it so that if someone sshes into this router, local IDs go first, and then it goes to AAA server.

1 Solution
conf t
aaa new-model
aaa authentication login default local group tacacs+
aaa authentication enable default local group tacacs+

username test privilege 15 secret 0 password

tacacs-server host x.x.x.x

tacacs-server key abcdefg

line vty 0 15
login authentication default
Elemental12Author Commented:
For your third aaa cmd, I needed to use: aaa authentication enable default group tacacs+.  Once I did that, then the login authentication default took.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now