Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1329
Views
0
Helpful
3
Replies

aaa tacacs+ backup line

ozlemduran
Level 1
Level 1

‎02-16-2004 06:34 AM - edited ‎03-10-2019 07:40 AM

hi,

I am using aaa for tacacs+ authentication on my routers but my tacacs+ server is taking usernames from LDAP. If LDAP goes down my authentication is failing. So I need a backup configuration for line vty 4 like

"aaa authentication login test line"

"login authentication test"

But line searching "enable" password from tacacs server...

I want that "line must use local enable password"

Ozlem

Labels:
0 Helpful
3 Replies 3

mhoda
Level 5
Level 5

‎02-16-2004 09:43 AM

Hello Ozlem,

If the LDAP server fails then router will not fall back to local database unlike if ACS fails. The reason is that information is not propogated to the router. You can have backup LDAP server defined on the ACS though for fall back on ACS side.

Thanks,

Mynul

0 Helpful

ozlemduran
Level 1
Level 1
In response to mhoda

‎02-16-2004 11:17 PM

first of all thanks for your help,

but I cant do that bacause LDAP server admins dont want that :) and there is an interesting thing, my friends have used that commands at old IOS versions, I think it was a bug???

0 Helpful

ozlemduran
Level 1
Level 1
In response to ozlemduran

‎02-22-2004 12:22 AM

Hello again,

I am still loking for the answer, is there a way to solve my problem?

Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents