02-16-2004 06:34 AM - edited 03-10-2019 07:40 AM
hi,
I am using aaa for tacacs+ authentication on my routers but my tacacs+ server is taking usernames from LDAP. If LDAP goes down my authentication is failing. So I need a backup configuration for line vty 4 like
"aaa authentication login test line"
"login authentication test"
But line searching "enable" password from tacacs server...
I want that "line must use local enable password"
Ozlem
02-16-2004 09:43 AM
Hello Ozlem,
If the LDAP server fails then router will not fall back to local database unlike if ACS fails. The reason is that information is not propogated to the router. You can have backup LDAP server defined on the ACS though for fall back on ACS side.
Thanks,
Mynul
02-16-2004 11:17 PM
first of all thanks for your help,
but I cant do that bacause LDAP server admins dont want that :) and there is an interesting thing, my friends have used that commands at old IOS versions, I think it was a bug???
02-22-2004 12:22 AM
Hello again,
I am still loking for the answer, is there a way to solve my problem?
Thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: