Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
515
Views
0
Helpful
3
Replies

TACACS Config Problem

Go to solution
guruprasadr
Level 7
Level 7

‎04-01-2008 04:30 AM - edited ‎03-03-2019 09:21 PM

Hello Experts,

My CISCO Router 1700 Series. IOS Software version: 12.3(11)T2

I am doing the TACACS Config on my Router but it doesn't work.

I am providing my TACACS Config for Ref only:

tacacs-server host x.x.x.x

tacacs-server host x.x.x.x

tacacs-server host x.x.x.x

tacacs-server directed-request

tacacs-server key cisconet

ip tacacs source-interface Loopback1

line vty 0 4

password cisco

login authentication vty

enable secret cisco

enable password cisco123

username cisco password 0 cisco

aaa new-model

aaa authentication login vty group tacacs+ local

aaa authentication login conuser local

aaa authorization commands 15 default group tacacs+ local

aaa accounting commands 15 default start-stop group tacacs+

aaa session-id common

The Question is:

=================

In this Router Model for the IOS Version mentioned above, under LINE VTY 0 4 the command "login authentication vty" is not supporting. Neverthless, it allows only:

413200(config-line)#login ?

local Local password checking

tacacs Use tacacs server for password checking

If i add, the "login tacacs" i lose my connectivity and TACACS doesn't work.

Can some one provide some Solution for the same. Thanks in Advance for your Help

Best Regards,

Guru Prasad R

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mohammedmahmoud
Level 11
Level 11

‎04-01-2008 04:50 AM

Hi Guru,

After enabling "aaa new-model" the login command under the VTY will differ, make sure to enable "aaa new-model" first, it is a matter of order.

Before:

Router(config-line)#login ?

local Local password checking

tacacs Use tacacs server for password checking

After:

Router(config-line)#login ?

authentication Authentication parameters.

ctrlc-disable Disable CONTROL-C during login.

BR,

Mohammed Mahmoud.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
mohammedmahmoud
Level 11
Level 11

‎04-01-2008 04:50 AM

Hi Guru,

After enabling "aaa new-model" the login command under the VTY will differ, make sure to enable "aaa new-model" first, it is a matter of order.

Before:

Router(config-line)#login ?

local Local password checking

tacacs Use tacacs server for password checking

After:

Router(config-line)#login ?

authentication Authentication parameters.

ctrlc-disable Disable CONTROL-C during login.

BR,

Mohammed Mahmoud.

0 Helpful

Go to solution
guruprasadr
Level 7
Level 7
In response to mohammedmahmoud

‎04-01-2008 05:55 AM

Dear Mohammed,

Thanks for your great help in all the way.

Have Rated your POST. All my TACACS Config working very well.

Best Regards,

Guru Prasad R

0 Helpful

Go to solution
mohammedmahmoud
Level 11
Level 11
In response to guruprasadr

‎04-01-2008 06:22 AM

Dear Guru,

You are very welcomed, and thank you very much for the rating.

BR,

Mohammed Mahmoud.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card