
TACACS+

Logging into a Cisco switch, I want the options below to work. I'm using Cisco ACS v4.1 and a Cisco 3560 switch.

Is this possible?

Switch login options:

1. TACACS+ server authentication (Cisco ACS)

2a. TACACS+ server fails (Cisco ACS) - use local switch AAA username & Password

2b. TACACS+ username and password incorrect (Failed login on ACS) - use local switch AAA username & Password

! Console port

3. Console port: use local AAA username and password only


Re: TACACS+

1. aaa authentication login VTYMethod group tacacs+

line vty 0 4

login authentication VTYMethod

1a. aaa authentication login VTYMethod group tacacs+ local

line vty 0 4

login authentication VTYMethod

2b. AFAIK you can't do that

3. aaa authentication login CONSOLEMethod local

line con 0

login authentication CONSOLEMethod

Hope that helps.

Re: TACACS+

2b. You will not be able to do this.  The local method is only checked if the TACACS method is unresponsive.  A failed TACACS authentication is an active response.
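The fallback rule described in the replies above, as an added example that is not part of the original posts: a simplified Python model of how a login method list is walked, where only an unresponsive method hands over to the next one. The `Reply` enum, function names and sample credentials are constructed for illustration and are not IOS or ACS code.

```python
from enum import Enum

class Reply(Enum):
    PASS = "pass"    # method answered: credentials accepted
    FAIL = "fail"    # method answered: credentials rejected
    ERROR = "error"  # method gave no answer (server down or timed out)

def tacacs_method(server_up, server_db):
    """Model of 'group tacacs+': ERROR only when the server does not answer."""
    def check(user, password):
        if not server_up:
            return Reply.ERROR
        return Reply.PASS if server_db.get(user) == password else Reply.FAIL
    return check

def local_method(local_db):
    """Model of 'local': the switch's own username database always answers."""
    def check(user, password):
        return Reply.PASS if local_db.get(user) == password else Reply.FAIL
    return check

def authenticate(method_list, user, password):
    """Walk the list in order; only ERROR moves on to the next method."""
    for name, method in method_list:
        reply = method(user, password)
        if reply is not Reply.ERROR:
            return reply is Reply.PASS, name  # PASS or FAIL ends the walk
    return False, None  # every method errored: access denied

# Constructed sample credentials (not from the thread)
ACS_USERS = {"netops": "acs-secret"}
LOCAL_USERS = {"breakglass": "local-secret"}

def vty_list(server_up):
    # Models: aaa authentication login VTYMethod group tacacs+ local
    return [("tacacs+", tacacs_method(server_up, ACS_USERS)),
            ("local", local_method(LOCAL_USERS))]

def console_list():
    # Models: aaa authentication login CONSOLEMethod local
    return [("local", local_method(LOCAL_USERS))]

if __name__ == "__main__":
    # 2a: server down, local account accepted
    print(authenticate(vty_list(False), "breakglass", "local-secret"))
    # 2b: server up and rejects, local account never consulted
    print(authenticate(vty_list(True), "breakglass", "local-secret"))
```

The 2b case returns a denial from `tacacs+` even though the local password is correct, which is why a local account on the VTY list only helps while the ACS server is unreachable.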
