Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Silver

2 tacacs

hello

suppose i configured 2 aaa authentication login methods: one for dialup users and the second for telnet from network administrator:

aaa authentication login default group tacacs+ local

aaa authentication login whoisit group tacacs+ local enable

and suppose we will use 2 tacacs servers: one for each method.

is it possible to map each authentication method to one tacacs server?

i don't think so, because when defing the tacacs server there is no keyword to specify the aaa method.

any idea?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: 2 tacacs

Hi Oussama,

Yes, you can use server-group:

aaa group server tacacs+ group1

server 1.1.1.1

!

aaa authentication login test1 group group1 local

tacacs-server host 1.1.1.1 key cisco

BR,

Mohammed Mahmoud.

5 REPLIES

Re: 2 tacacs

Hi Oussama,

Yes, you can use server-group:

aaa group server tacacs+ group1

server 1.1.1.1

!

aaa authentication login test1 group group1 local

tacacs-server host 1.1.1.1 key cisco

BR,

Mohammed Mahmoud.

Hall of Fame Super Silver

Re: 2 tacacs

Oussama

Mohammed is quite correct. I have done exactly what you are asking about to configure a router to support dial up users and to configure aaa authentication so that dial up users uathenticate with one TACACS server and the administrative (telnet) users authenticate with a different server. The ability to configure server groups makes this possible. And it works very well.

In my implementation I found it easier to let the dial users use the default authentication method (with one server group) and to specify a named method for the administrative users (with a different server group).

HTH

Rick

Silver

Re: 2 tacacs

hi rick

that's exactlly what i will do: dial users use the default authentication method and administrators use an other one.

thanks

Silver

Re: 2 tacacs

thanks mohammed. you have usually the solutions to my problems :-)

Re: 2 tacacs

Hi Oussama,

You are very welcomed :), and thank you for the rating.

BR,

Mohammed Mahmoud.

182
Views
3
Helpful
5
Replies