Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
609
Views
0
Helpful
1
Replies

Fallback Password problems (3550 &2950)

dlupton
Level 1
Level 1

‎04-12-2002 01:38 AM - edited ‎03-08-2019 10:18 PM

I realy belive I've missed something. When the 3500 &2950 switches loose conection to the tacacs+server I cannot get access. The switch is'nt giving me the option to use the fallback. The following is a selection og the configs.

logging buffered 10000 debugging

no logging console

aaa new-model

aaa authentication login default group tacacs+

aaa authentication login no_tacacs enable

aaa authentication ppp default group tacacs+

aaa authorization exec default group tacacs+

aaa authorization network default group tacacs+

aaa accounting exec default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

and at the vty line -

line vty 0 4

password whatever

line vty 5 15

password whatever1

What am I missing ? Thanks

Labels:
0 Helpful
1 Reply 1

Erick Bergquist
Level 6
Level 6

‎04-14-2002 07:21 PM

You need to add a 'local' to end of aaa commands. You'll also need a username configured for each user.

username x password y

aaa new-model

aaa authentication login default group tacacs+ local

OR you can make the vty lines authenticate locally only:

aaa new-model

aaa authentication login default group tacacs+ local

aaa authentication login NO_AUTH none

!

line vty 0 4

login authentication NO_AUTH

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents