Is there any way that authentication can be configured to use TACACS+ and local authentication simultaneously. For example, most users will have user profiles and will be authenticated using a TACACS server, but a few accounts will be configured locally on the Cisco device. I have used the following two configurations:
aaa authentication login default group tacacs+ local
(This configuration only goes to the local database if communication with the TACACS server fails completely)
aaa authentication login default local group tacacs+
(This configuration only checks the local database and never goes to the TACACS server)
I have not been able to find a configuration that will use TACACS and local authentication simultaneously
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...