Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ACSE: Advanced TACACS+ Enable fault

Hi,

When I tried configure enable level access per NGD, it doesn't work.

Each time I see the same error:

"TACACS+ Enable: Defining Max Privilige on a per network device group to be select".

This error is the same if you don't select a NGD. ACSE ignores my selection.

My ACSE are two with 4.0(1) Build 42

Thanks,

Waldemar Pera

1 REPLY
Silver

Re: ACSE: Advanced TACACS+ Enable fault

You have to Configured shell command author on per NDG level for the user group. Yes. Your device is using the aaa authentication mechanism that you just configured on the device, as its supposed to do.

You probably logged in with the local username and/or password log-on credentials that have always existed prior to aaa deployment, and then you proceeded to configure TACACS authentication. Now, the device is rightly using the directives for verifying identity (authentication) that are set out in the aaa configuration -- and your log on credentials dont match, of course.

Typically, you should first configure your ACS server and then configure each node. When configuring each node, enter all the aaa commands and enablae passwords, etc, but WAIT to enter the tacacs key for last. This way you will no tlock yourself out of the device.

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gt_pvt.html

133
Views
0
Helpful
1
Replies
CreatePlease to create content