Authorization using TACACS+ and local database

xantic · ‎03-19-2002

A company has a TACACS+ server which perfoms AAA functions for network componenets.

A router is configured with following commands:-

aaa new-model

aaa authentication login default group tacacs+ local

aaa authentication login no_tacacs local

aaa authorization exec default group tacacs+ local

aaa accounting exec default start-stop group tacacs+

username abcd password 7 123abc456def

tacacs-server host 200.100.50.1

line con 0

privilege level 15

login authentication no_tacacs

transport input none

stopbits 1

line vty 0 4

password 7 567qwe923abc457ujtfg

line vty 5 15

password 7 987brf345tyg123rty78

If the TACACS+ server fails ,using the console port I am am able to telnet & navigate to the previlege mode.

If the TACACS+ server fails I am able to telnet to the router using tty mode & login in to the router.

I am not able to navigate to the previlige mode prompt.

What's the solution?

ciscomoderator · ‎03-26-2002

Often times complex configuration/troubleshooting issues are best addressed in an interactive session with one of our trained technical assistance engineers. While other forum users may be able to help, it’s often difficult to do so for this type of issue.

To utilize the resources at our Technical Assistance Center, please visit http://www.cisco.com/tac and to open a case with one of our TAC engineers, visit http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.