08-26-2009 05:45 AM - edited 03-10-2019 04:39 PM
TACACS+ is configured for AAA (Authentication and Authorization) with LOCAL as a backup. But how can I ensure that the local user will be authorized to perform tasks in the event that TACACS+ is unavailable. The authentication fails over fine, but Im not sure how to set up authorization for the local user
08-26-2009 05:54 AM
Hi,
If you have created local users with privlege 15 then they won;t face any issue in tacacs server absence but if you really want to configure local authorization with diffferent privlege level then
check this:
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800949d5.shtml
HTH
Regards,
JK
08-26-2009 07:12 AM
Most of the time this is true, but occasionally I get the following "Fallback authorization. Username 'enable_15' not in LOCAL database
Command authorization failed
"
08-26-2009 07:27 AM
Get your running config.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide