I had configured C3560 switch running Version 12.2(25)SEB4 to authenticate telnet session against ACS SE 4.1 (Tacacs+).
I encountered a problem once I issued the command
** aaa authentication enable default group tacacs+ enable **
the enabled password not accepted and I got the error "% Error in authentication." I checked out the reports on ACS for failed auth and here the error "ACS password invalid".
I removed the command and things going fine but with local enable password.
aaa authentication password-prompt Password:
aaa authentication username-prompt Login:
aaa authentication login TELNET group tacacs+ local
aaa authentication login CONSOLE none
aaa accounting exec TELNET start-stop group tacacs+
aaa accounting network TELNET start-stop group tacacs+
line vty 0 4
login authentication TELNET
any suggestion !!