TACACS and enable password

Answered Question
Feb 18th, 2009

hi folks.

I am able to login to my router VIA TACACS+ server. My username and password doesnot work with enable mode. When I do enable after login to user prompt; it just throws me "Authentication failed" message.

AAA commands used

aaa new-model

aaa authentication login default group tacacs+ local

aaa authentication enable default group tacacs+ enable

I set up TACACS+ server and key as it has been working with login.

I really appreciate if any one can help in this issue.

rgrds

subharose

I have this problem too.
0 votes
Correct Answer by Yudong Wu about 7 years 9 months ago

I don't have ACS server in hand right now. But I believe that you need turn on something on ACS server so that you can have TACACS+ to authenticate on enable password. Just enable all TACACS+ feature under "Interface" then go throught each feature you have under user configuration to see which one might be related to it.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Yudong Wu Wed, 02/18/2009 - 14:09

I don't have ACS server in hand right now. But I believe that you need turn on something on ACS server so that you can have TACACS+ to authenticate on enable password. Just enable all TACACS+ feature under "Interface" then go throught each feature you have under user configuration to see which one might be related to it.

glen.grant Wed, 02/18/2009 - 14:23

You have it set up to use the enable secret or enable password for enable mode so you will have to use that otherwise change the second line so that the end also reads local instead of enable.

Actions

This Discussion