aaa tacacs+ backup line

Unanswered Question
Feb 16th, 2004
Hi,

I am using aaa for tacacs+ authentication on my routers but my tacacs+ server is taking usernames from LDAP. If LDAP goes down my authentication is failing. So I need a backup configuration for line vty 4 like

"aaa authentication login test line"

"login authentication test"


But the line is searching for the "enable" password from the tacacs server...

I want that "line must use local enable password"


Ozlem



mhoda Mon, 02/16/2004 - 09:43

Hello Ozlem,


If the LDAP server fails then the router will not fall back to the local database, unlike if ACS fails. The reason is that the information is not propagated to the router. You can have a backup LDAP server defined on the ACS, though, for fallback on the ACS side.


Thanks,


Mynul
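
A small model of the fallback behaviour described in the reply above, added here as an illustration (it is not part of the original thread and is not Cisco code). It assumes a method list of `group tacacs+` followed by `line`, and assumes the ACS answers with an authentication FAIL when its LDAP lookup cannot complete; the function names are hypothetical.

```python
from enum import Enum


class Reply(Enum):
    PASS = "pass"    # method answered: credentials accepted
    FAIL = "fail"    # method answered: credentials rejected
    ERROR = "error"  # method gave no usable answer (e.g. server unreachable)


def evaluate(method_list, replies):
    """Walk an IOS-style AAA method list in order.

    Only an ERROR moves on to the next method. A PASS or a FAIL is a
    final answer, so later methods are never consulted.
    Returns (method_that_decided, accepted).
    """
    for method in method_list:
        reply = replies[method]
        if reply is Reply.ERROR:
            continue
        return method, reply is Reply.PASS
    return None, False  # every method errored: access denied


# Constructed method list, modelling "group tacacs+ line".
METHODS = ["group tacacs+", "line"]


def scenario(tacacs_reachable, ldap_up, line_password_ok=True):
    """Map an outage scenario to per-method replies and evaluate the list."""
    if not tacacs_reachable:
        tacacs = Reply.ERROR   # router gets no answer from the server
    elif not ldap_up:
        tacacs = Reply.FAIL    # assumption: ACS answers, but rejects the login
    else:
        tacacs = Reply.PASS
    line = Reply.PASS if line_password_ok else Reply.FAIL
    return evaluate(METHODS, {"group tacacs+": tacacs, "line": line})


if __name__ == "__main__":
    for reachable, ldap in [(True, True), (True, False), (False, False)]:
        decided_by, ok = scenario(reachable, ldap)
        print(f"tacacs_reachable={reachable} ldap_up={ldap} "
              f"-> decided by {decided_by!r}, accepted={ok}")
```
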

ozlemduran Mon, 02/16/2004 - 23:17
First of all, thanks for your help,


but I can't do that because LDAP server admins don't want that :) and there is an interesting thing, my friends have used those commands at old IOS versions, I think it was a bug???

ozlemduran Sun, 02/22/2004 - 00:22
Hello again,


I am still looking for the answer, is there a way to solve my problem?


Thanks
