08-22-2013 08:39 PM - edited 03-07-2019 03:04 PM
Hi Everyone,
Switch has aaa config below
3550SMIB#sh run | inc aaa
aaa new-model
aaa authentication login default group tacacs+ enable local ---1
aaa authentication login TAC1 group radius group tacacs+ local enable--2
aaa session-id common
Line vty 0 15 has no login authentication commands
If i telnet to switch it ask for enable password only.
Is this picking up enable password from line 1 or 2?
As per me it should ask for local pw as per line it it should go for more precise method of TAC1 and ask for local username and pw correct me if i am wrong?
Regards
MAhesh
Solved! Go to Solution.
08-23-2013 02:08 AM
Hi Mahesh,
Line vty 0 15 has no login authentication commands
in this case, the default authentication list (1) is used. The method-order of your default auth list is (1) TACACS; (2) enable password; (3) local user-database, the order of auth list "TAC1" is different.
If you want to change the auth list on your vtys, you can configure:
(config-line)#login authentication TAC1
Does that answer your question?
Best regards
Rolf
08-23-2013 07:58 AM
Look at the order of enable and local (behind TACACS which is first for both lists)
Sent from Cisco Technical Support Android App
08-23-2013 02:08 AM
Hi Mahesh,
Line vty 0 15 has no login authentication commands
in this case, the default authentication list (1) is used. The method-order of your default auth list is (1) TACACS; (2) enable password; (3) local user-database, the order of auth list "TAC1" is different.
If you want to change the auth list on your vtys, you can configure:
(config-line)#login authentication TAC1
Does that answer your question?
Best regards
Rolf
08-23-2013 07:42 AM
Hi Rolf,
When you say the order of auth list "TAC1" is different can you please explain what you mean by this?
Regards
Mahesh
08-23-2013 07:58 AM
Look at the order of enable and local (behind TACACS which is first for both lists)
Sent from Cisco Technical Support Android App
08-23-2013 07:59 AM
Got it.
Regards
MAhesh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide