After setting up AAA on all our switches (there’s loads of tutorials on the Internet about this) we had the problem that this also applied to the console port. We didn’t want the risk that a faulty switch could be rendered inaccessible by the AAA and leaving us in a panic about what to do next. So we can just disable it for the console port, so we just want to create an authentication list called CONSOLE, then set the authentication type to “none”, once that is done we can then apply that to the console port (ensuring nothing else is listed on the console port) to disable AAA authentication on it.
# aaa authentication login CONSOLE none
# line con 0
login authentication CONSOLENow when you hit the console port, you get straight in, but you’ll still need to enter the local enable password to do any damage.