CCSP SECUR "Local AAA" Question

[CCNA2]

Hello,

I am studying for CCSP and I am currently working on 642-501 SECUR. I wish I had a router or could find a simulator with supported AAA commands, but I haven't been that lucky, so I hope someone here can help me.

My question:

Using this command for example on a 2600 router:
"aaa authorization config-commands default local"
This should specify to look in the local db on the NAS/Router for this specific authorization. But how is it connected with the user. I mean if the command "username joe password clock" has been used, then there is configured a user with priv. level 1 right? Who gets the config-commands authorization and how? Should the user be chained together with the list-name somehow?

I really hope someone can help.

Thank You.

Kind regards,

Thomas

 

[lui3]

aaa authorization config-commands default local

can also be summed up in another command

aaa authorization default local

this will tell the router to look in the local db for all authorizations unless otherwise specified.

 

[CCNA2]

Thanks, that's what I thought, I just thought it was strange to use the command: "aaa authorization config-commands default local" which was done in my book, but it must be for some way of explaining AAA.

What does a default local user have?, Priv. level 1?
Do you know if I can use a 2500 series router for practising AAA for the SECUR?

Thanks,

Thomas.