To all R&S expert,
I have a customer which wants their TACACS server to authenticate for both 'lgoin' as well as 'enable'. However, doesn't matter what they do, they get prompt for the username and password twice. However, they want to be prompt for both username + password once during 'login', but when they press enable, they only want the password to be prompt, but not the username again.
Currently they have the following config on their Cat 6513
aaa authentication password-prompt "Backup-password: "
aaa authentication username-prompt "Backup-username: "
aaa authentication login default group tacacs_group local
aaa authentication enable default group tacacs_group enable
And they currently see the following when login and enable
!!! NO UNAUTHORIZED ACCESS !!!
Access to this device or the attached networks
without explicit written permission is prohibited
and will be prosecuted.
User Access Verification
I have spent a great amount of time on this already but couldn't figured out why. Would appreciated anyone's help.