Solved: Locked out of Tacacs, Set the wrong VLAN interface

michael brock · ‎09-22-2014

Hello,

In the midst of applying and testing new TACACS configs, I set the t"IP TACACS SOURCE INTERFACE" to the wrong VLAN. My mistake and fortunately I tested it on a switch that is not really used. So I figure no bid deal, Ill unplug the trunk and go in through the console with the username, with my understanding that if no tacacs server is available, the local username would be used. Well either the username/password combo is not correct, or the theory of "Not being able to contact tacacs server, so use the local username" is not correct.

Anyway, does anyone have any ideas? Possibly a password recovery then change the username password and correct the VLAN problem?

Thanks for your help..

saxenanitesh8522 · ‎09-22-2014

Hi,

if you are not able to access the switch, just do a password recovery for the switch. you would be able to access the switch and change the configuration.

it depends on the AAA configuration commands for the authentication if you have given tacacs then local authentication if the aaa is not reachable..

Thanks

Please rate if helpful...

View solution in original post

saxenanitesh8522 · ‎09-22-2014

Hi,

if you are not able to access the switch, just do a password recovery for the switch. you would be able to access the switch and change the configuration.

it depends on the AAA configuration commands for the authentication if you have given tacacs then local authentication if the aaa is not reachable..

Thanks

Please rate if helpful...

michael brock · ‎10-23-2014

I did the password recovery, and all is well! Thanks!