Actually once you enter aaa new-model then the vty lines use the default authentication method and so aaa authentication login default will do very nicely for the vty authentication.
Your original post was very specific about using TACACS to authenticate telnet but was not specific about what you wanted to use on the console. By default this configuration will also authenticate console sessions the same way that it does the telnet sessions. If you want something different on the console then we need to add a couple of things in your config.
Also it might be beneficial to add to your config the command:
ip tacacs source-interface
this is especially useful if there is more than one interface that might be the source for packets going to TACACS. The server will use a single address to identify each remote device and the TACACS packets need to be sourced from that address.
Also I agree that the accounting might be simplified to use just level 15 accounting. Unless you are doing something complex with privilege levels there is no benefit in specifying levels 2 to 14. And while I question the utility of logging every user level command that anyone enters, if that is what you really want then leave in the accounting level 1.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...