TACACS and enable password

Answered Question
Feb 18th, 2009
User Badges:

hi folks.


I am able to login to my router VIA TACACS+ server. My username and password doesnot work with enable mode. When I do enable after login to user prompt; it just throws me "Authentication failed" message.


AAA commands used


aaa new-model

aaa authentication login default group tacacs+ local

aaa authentication enable default group tacacs+ enable




I set up TACACS+ server and key as it has been working with login.


I really appreciate if any one can help in this issue.


rgrds

subharose


Correct Answer by Yudong Wu about 8 years 3 months ago

I don't have ACS server in hand right now. But I believe that you need turn on something on ACS server so that you can have TACACS+ to authenticate on enable password. Just enable all TACACS+ feature under "Interface" then go throught each feature you have under user configuration to see which one might be related to it.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Yudong Wu Wed, 02/18/2009 - 14:09
User Badges:
  • Gold, 750 points or more

I don't have ACS server in hand right now. But I believe that you need turn on something on ACS server so that you can have TACACS+ to authenticate on enable password. Just enable all TACACS+ feature under "Interface" then go throught each feature you have under user configuration to see which one might be related to it.


Yudong Wu Wed, 02/18/2009 - 14:25
User Badges:
  • Gold, 750 points or more

Thanks, You are so quick. :)

glen.grant Wed, 02/18/2009 - 14:23
User Badges:
  • Purple, 4500 points or more

You have it set up to use the enable secret or enable password for enable mode so you will have to use that otherwise change the second line so that the end also reads local instead of enable.

Actions

This Discussion