Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

default password for when the server is unreachable

Hi I have recently configured AAA. when the server is running everything is fine but when the server is unreachable i'm locked out. How can I put a default username and password on for when the server is unreachable

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: default password for when the server is unreachable

James

There are several ways to configure AAA so that you are not locked out if the server is not available. You can use a locally configured user name, as you suggest here, or you can use the configured line passwords.

To use a locally configured user your configuration might look something like this:

user rick password cisco

aaa authentication login default group tacacs+ local

Or to use the line passwords as a backup your config might look something like this:

aaa authentication login default group tacacs+ line

You also probably need a backup for access to privilege mode. This is usually done using the locally configured enable secret. To do this the configuration might look something like this:

aaa authentication enable default group tacacs+ enable

HTH

Rick

1 REPLY
Hall of Fame Super Silver

Re: default password for when the server is unreachable

James

There are several ways to configure AAA so that you are not locked out if the server is not available. You can use a locally configured user name, as you suggest here, or you can use the configured line passwords.

To use a locally configured user your configuration might look something like this:

user rick password cisco

aaa authentication login default group tacacs+ local

Or to use the line passwords as a backup your config might look something like this:

aaa authentication login default group tacacs+ line

You also probably need a backup for access to privilege mode. This is usually done using the locally configured enable secret. To do this the configuration might look something like this:

aaa authentication enable default group tacacs+ enable

HTH

Rick

332
Views
0
Helpful
1
Replies
CreatePlease login to create content