02-16-2004 06:34 AM - edited 03-10-2019 07:40 AM
hi,
I am using aaa for tacacs+ authentication on my routers but my tacacs+ server is taking usernames from LDAP. If LDAP goes down my authentication is failing. So I need a backup configuration for line vty 4 like
"aaa authentication login test line"
"login authentication test"
But line searching "enable" password from tacacs server...
I want that "line must use local enable password"
Ozlem
02-16-2004 09:43 AM
Hello Ozlem,
If the LDAP server fails then router will not fall back to local database unlike if ACS fails. The reason is that information is not propogated to the router. You can have backup LDAP server defined on the ACS though for fall back on ACS side.
Thanks,
Mynul
02-16-2004 11:17 PM
first of all thanks for your help,
but I cant do that bacause LDAP server admins dont want that :) and there is an interesting thing, my friends have used that commands at old IOS versions, I think it was a bug???
02-22-2004 12:22 AM
Hello again,
I am still loking for the answer, is there a way to solve my problem?
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide