Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

tacacs+ fail safe

Does anyone know how to configure a 2900 switch with tacacs+ authentication security to fall over to basic IOS authentication if the tacacs+ server is down or not available?

Basically, I want tacacs+ authentication security on every devices in the enterprise but I do not want to loose the ability to log into the device if the tacacs+ server is ever down or not available.

1 REPLY
New Member

Re: tacacs+ fail safe

Use something like aaa authentication login default tacacs+ local

This tells the IOS to use TACACS+, but if no answer from TACACS+ then it will use the local database. You can populate the local database with the "username xxxxxxx password xxxxx" command. Hope this helps!

228
Views
0
Helpful
1
Replies
CreatePlease to create content