Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Tacacs and CATOS

I am finding when the TACACS server is unavailable that when telnetting to the Catalyst (CATOS) switch I am being prompted for the username even after it tells you that the server is unavailable.

The TACACS configuration is;

set authentication login tacacs enable telnet primary

set authentication enable tacacs enable telnet primary

!

set authorisation exec enable tacacs+ if-authenticated telnet

set authorisation enable enable tacacs+ if-authenticated telnet

set authorisation commands enable all if-authenticated telnet

Also can you telnet directly into the enable mode if you are authenticated to do so based on your username/password.

1 REPLY
Silver

Re: Tacacs and CATOS

Hi,

Do you have authentication login tacacs on to lets say line/enable password as secondary? It should only ask you for the password not the uname/password when ACS server is down. What version of code are you running?

Regarding your second q. yes it is possible to go to enable mode directly, but for that you need to have "shell/exec" checked and priv-lvl set to 15.

I hope this helps. Thanks,

Mynul

309
Views
0
Helpful
1
Replies
CreatePlease to create content