TACACS configuration in Cisco 6509

Answered Question
Mar 6th, 2007


i wanted an equivalent command for configuring in Cisco 6509 running Cat OS.

i know Catalyst OS to Cisco IOS configuration converter is there, but i am looking for Cisco IOS to Catalyst OS configuration converter? can any one help me in this regard.

looking for a equal command for the following

aaa new-model

aaa authentication login default group tacacs+ enable local

aaa authentication enable default group tacacs+ enable

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization commands 1 default group tacacs+ if-authenticated

aaa authorization commands 15 default group tacacs+ if-authenticated

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

tacacs-server host key checkingtheswitch.

since it is a Cisco 6509 production switch, i don't want to take chance, as there is a possibility that i might not login if the configuration is incorrect.because i faced similar situation when i implemented in Cisco IOS in the initial stage in one of the edge switch.later i have reset the switch & finally could implement with the working config as mentioned above.

I have this problem too.
0 votes
Correct Answer by Amit Singh about 9 years 10 months ago

Hi Anand,

Please use the link below for more info.


-amit singh

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Anand Narayana Tue, 03/06/2007 - 01:40

Thanks Amit,

This document was very useful contains more informations about AAA than what i was looking in for.

jwhitepnv Tue, 10/16/2007 - 06:50

did you ever get an answer on the config? I have a 6500 setup but enable does not work correctly

Jagdeep Gambhir Tue, 10/16/2007 - 09:20

What exactly is happening. Here are the cat os commands for aaa,

onsole> (enable) set tacacs server [IP] [primary]

set tacacs key [key]

set tacacs attempts [number] (optional)

set localuser user [user] password [password] privilege 15

set authentication login local enable

set authentication login tacacs enable [all | console | http | telnet] [primary]

set authorization exec enable tacacs+ [deny | none] [console | telnet | both]

set authorization commands enable [config | all] tacacs+ [deny | none] [console |

telnet | both]



Please rate helpful posts


This Discussion