Perhaps you can tell us a little more about how TACACS is configured on your router. I am not aware of anything in TACACS that acts differently depending on which interface you access.
When you attempt to access the router through the serial interface and it fails, do you get the prompt for name and password? After you attempt fails, have you checked the reports in TACACS and does it see the request for authentication. And if so what does it have for an error code?
I can think of a few things that might impact the ability to access a router via one interface but not another. One possibility is an access list on one interface but not the other that denies telnet access. Or the possibility that your path through the network is different depending on which interface you specify, and the possibility that the router might have a route for the return path to one but not to the other. Or the possibility that your telnet might have a different source address depending on which path through the network the telnet was using and the router might have an access list in the access-class on the vty ports which permits the Ethernet but not the serial.
HTH
Rick
HTH
Rick