CATOS Tacacs and authentication

Unanswered Question
Nov 15th, 2007

All- I am implementing TACACS across the network.

all the IOS's, Pix's and VPN solutions are complete.

The problem is the CAT OS switches,

i am testing with a CATOS 2948G switch.

see the config below.

Cisco Systems, Inc. Console

OMKSW02 (Cisco Catalyst 2948G)

Access Restricted...

Username: catsoup


OLTEST2948G en

Enter password:********

OLTEST2948G (enable) sh run

This command shows non-default configurations only.

Use 'show config all' to show both default and non-default configurations.



set tacacs server primary

set tacacs attempts 6

set tacacs directedrequest enable

set tacacs key hello



set authentication login tacacs enable console primary

set authentication login tacacs enable telnet primary

set authentication login tacacs enable http primary

set authentication login attempt 6 console

WHAT is needed toget rid of the enable password prompt..

I can disable the enablepassword but would prefer not to.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
strykerb41 Thu, 11/15/2007 - 07:47

actually found the info....

Posted by: jgambhir - Nov 15, 2007, 6:02am PST

Console> (enable) set tacacs server [IP] [primary]

set tacacs key [key]

set tacacs attempts [number] (optional)

set localuser user [user] password [password] privilege 15

set authentication login local enable

set authentication login tacacs enable [all | console | http | telnet] [primary]

set authorization exec enable tacacs+ [deny | none] [console | telnet | both]

set authorization commands enable [config | all] tacacs+ [deny | none] [console |telnet | both]

glen.grant Thu, 11/15/2007 - 08:59

if you want it to use the tacacs password for enable add

set authentication enable tacacs enable telnet primary


This Discussion