Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

TACACS Problem .....

Please help me for this problem

**************************

we have a PPP Link .End A 7206 and End B 7206 router.we are implementing the TACACS services on the router B. and tacacs server is residing in router A end. it's validates only tacacs user when our link is proper b/w END A and END B router. we want router should be validate also local user as well as TACACS user.

the configuration is following....

*****************************

!

aaa authentication login default local group tacacs+

aaa authentication login NO_AUTHEN none

aaa authentication ppp default group default-group local

aaa authorization console

aaa authorization config-commands

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization exec NO_AUTHOR none

aaa authorization commands 1 default group tacacs+ if-authenticated

aaa authorization commands 1 NO_AUTHOR none

aaa authorization commands 15 default group tacacs+ if-authenticated

!

!

!

**************************

what step we should follow for this..?

2 REPLIES
New Member

Re: TACACS Problem .....

aaa authentication login default local group tacacs+ LOCAL

Use this one.

New Member

Re: TACACS Problem .....

this command firstly authenticate the TACACS server after it authenticate local database. if tacacs server not avialable , then it go for local database. in this case we want both tacacs and local server both should be authenticate parallely.

for local user we are not defining any username in tacacs server. we want local user should be login in to the router without authenticate into the TACACS server.

112
Views
0
Helpful
2
Replies