04-01-2008 04:30 AM - edited 03-03-2019 09:21 PM
Hello Experts,
My CISCO Router 1700 Series. IOS Software version: 12.3(11)T2
I am doing the TACACS Config on my Router but it doesn't work.
I am providing my TACACS Config for Ref only:
tacacs-server host x.x.x.x
tacacs-server host x.x.x.x
tacacs-server host x.x.x.x
tacacs-server directed-request
tacacs-server key cisconet
ip tacacs source-interface Loopback1
line vty 0 4
password cisco
login authentication vty
enable secret cisco
enable password cisco123
username cisco password 0 cisco
aaa new-model
aaa authentication login vty group tacacs+ local
aaa authentication login conuser local
aaa authorization commands 15 default group tacacs+ local
aaa accounting commands 15 default start-stop group tacacs+
aaa session-id common
The Question is:
=================
In this Router Model for the IOS Version mentioned above, under LINE VTY 0 4 the command "login authentication vty" is not supporting. Neverthless, it allows only:
413200(config-line)#login ?
local Local password checking
tacacs Use tacacs server for password checking
If i add, the "login tacacs" i lose my connectivity and TACACS doesn't work.
Can some one provide some Solution for the same. Thanks in Advance for your Help
Best Regards,
Guru Prasad R
Solved! Go to Solution.
04-01-2008 04:50 AM
Hi Guru,
After enabling "aaa new-model" the login command under the VTY will differ, make sure to enable "aaa new-model" first, it is a matter of order.
Before:
Router(config-line)#login ?
local Local password checking
tacacs Use tacacs server for password checking
After:
Router(config-line)#login ?
authentication Authentication parameters.
ctrlc-disable Disable CONTROL-C during login.
BR,
Mohammed Mahmoud.
04-01-2008 04:50 AM
Hi Guru,
After enabling "aaa new-model" the login command under the VTY will differ, make sure to enable "aaa new-model" first, it is a matter of order.
Before:
Router(config-line)#login ?
local Local password checking
tacacs Use tacacs server for password checking
After:
Router(config-line)#login ?
authentication Authentication parameters.
ctrlc-disable Disable CONTROL-C during login.
BR,
Mohammed Mahmoud.
04-01-2008 05:55 AM
Dear Mohammed,
Thanks for your great help in all the way.
Have Rated your POST. All my TACACS Config working very well.
Best Regards,
Guru Prasad R
04-01-2008 06:22 AM
Dear Guru,
You are very welcomed, and thank you very much for the rating.
BR,
Mohammed Mahmoud.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide