Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Fallback Password problems (3550 &2950)

I realy belive I've missed something. When the 3500 &2950 switches loose conection to the tacacs+server I cannot get access. The switch is'nt giving me the option to use the fallback. The following is a selection og the configs.

logging buffered 10000 debugging

no logging console

aaa new-model

aaa authentication login default group tacacs+

aaa authentication login no_tacacs enable

aaa authentication ppp default group tacacs+

aaa authorization exec default group tacacs+

aaa authorization network default group tacacs+

aaa accounting exec default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

and at the vty line -

line vty 0 4

password whatever

line vty 5 15

password whatever1

What am I missing ? Thanks

1 REPLY

Re: Fallback Password problems (3550 &2950)

You need to add a 'local' to end of aaa commands. You'll also need a username configured for each user.

username x password y

aaa new-model

aaa authentication login default group tacacs+ local

OR you can make the vty lines authenticate locally only:

aaa new-model

aaa authentication login default group tacacs+ local

aaa authentication login NO_AUTH none

!

line vty 0 4

login authentication NO_AUTH

238
Views
0
Helpful
1
Replies
CreatePlease to create content