TACACS LIST METHOD

ajay chauhan · ‎11-08-2006

Hi Guy,

Please clear some of my doubts for tacacs client configuration.

#aaa authentication login default group tacacs+ local

what will be diffrence between both configuration.

#aaa authentication login myway tacacs+ local

!

#aaa authentication login default group tacacs+

what will happen incase tacacs+ server is not avilable it will go to next method which is local and user can use username and password configured locally.

Incase i have defined line inplace of local.

#aaa authentication login myway tacacs+ line

will user be able to local with the password configured for

#Line VTY 0 4

#login

#password 123456

if vty interface already has entry for tacacs server can we configure the login password for the same.

#line vty 0 4

#aaa authentication myway

what will be the exact configuration for router .

network.king · ‎11-09-2006

Hi,

1.The diff is that , for all login authentication ( not specified by some name) or by default would use tacacs . But the second one , only the auth that is specified the name would go for that authentication

and this explains ur last question

line vty 0 4

login authentication myway --- only vty login would use tacacs+

In case if you have not configured anything after tacaacs, then no authentication and you would not be able to login .

If given local , then would go for the local username and pwd given .If given line, then would go for the password configured under the line vty

Hope this helps

regards

vanesh k