Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
887
Views
0
Helpful
7
Replies

Tacacs config on WAAS device

gopal_4476
Level 1
Level 1

‎05-24-2008 01:49 AM - edited ‎03-03-2019 10:04 PM

All,

we have tried to configure AAA on WAAS (Wide Area Application Services)device. we have applied all the aaa commands on waas device and made necessary configs changes on tacacs server as well.

WAAS device is speaking to tacacs server and I am able to login to waas device through tacacs id, the problem here is when i tried to go to enable mode on waas device its not accepting my tacacs password instead its taking local password.

I am sure i am missing something here, can any one throw some lights here to solve this issue as this is very ciritcal activity for me.

Many thanks in advance and pasted AAA configs applied on WAAS device.

authentication login tacacs enable primary

authentication login local enable secondary

authentication configuration tacacs enable primary

authentication configuration local enable secondary

aaa accounting commands 15 default start-stop tacacs

tacacs host **.**.**.* primary

tacacs key ******

Regards,

Gopal

Labels:
0 Helpful
7 Replies 7

mahmoodmkl
Level 7
Level 7

‎05-24-2008 02:18 AM

Hi

u need to add the below line in u r config

aaa authentication enable default group tacacs+

Thanks

Mahmood

0 Helpful

gopal_4476
Level 1
Level 1
In response to mahmoodmkl

‎05-24-2008 02:28 AM

Hi Mahmood,

Thanks for your reply, I have applied the given command and its not accepting.

Its Cisco WAAS router ruuing below ios.

Cisco Wide Area Application Services Software (WAAS)

Copyright (c) 1999-2007 by Cisco Systems, Inc.

Cisco Wide Area Application Services Software Release 4.0.13 (build b23 Sep 8 2007)

Version: oe7341-4.0.13.23

Compiled 18:41:02 Sep 8 2007 by cnbuild

System was restarted on Sat Apr 12 13:49:26 2008.

The system has been up for 5 weeks, 6 days, 20 hours, 37 minutes, 16 seconds.

Regards,

Gopal

0 Helpful

mahmoodmkl
Level 7
Level 7
In response to gopal_4476

‎05-24-2008 02:50 AM

Hi

can u try this

authentication enable tacacs enable primary

Thanks

Mahmood

0 Helpful

mahmoodmkl
Level 7
Level 7
In response to gopal_4476

‎05-24-2008 02:51 AM

Hi

can u try this

authentication enable tacacs enable primary

Thanks

Mahmood

0 Helpful

gopal_4476
Level 1
Level 1
In response to mahmoodmkl

‎05-24-2008 03:21 AM

Yes, tried this. Nothing is working.

Regards,

Gopal

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to gopal_4476

‎05-24-2008 12:19 PM

Gopal

Pretty clearly the problem is that it is requiring the local enable password because there is no configuration in aaa for authenticating enable. So we need to find the correct syntax to use. Can you post the output that you get from online help?

- go into config mode.

- type aaa authentication enable ?

- if it shows default as an option then type

aaa authentication enable default ?

Perhaps this will help us figure what syntax it is looking for.

HTH

Rick

HTH

Rick
0 Helpful

sansuresh
Level 1
Level 1
In response to Richard Burts

‎05-29-2008 11:19 PM

Hi Rick,

i am able to login via Telnet but unable to login via GUI.

Gopal

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card