cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
372
Views
0
Helpful
2
Replies

AAA problem in accessing switch through console

shoaib sheikh
Level 1
Level 1

Hello All,

I have configured aaa commands as below:

 

tacacs-server host xxxxxx
tacacs-server directed-request
tacacs-server key xxxxxx

aaa new-model

aaa new-model
aaa authentication login default local
aaa authentication login techop group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ local
aaa authorization commands 1 default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default stop-only group tacacs+
aaa accounting commands 15 default stop-only group tacacs+
aaa session-id common

line vty 0 15
login authentication techop


Tacacs is working fine for ssh but when I am trying to console to switch
I am able to login in exec mode but when switch asking for enable password
the switch is not taking any password ( be it Tacacs or local credentials).
Also I am able to login to exec mode through console by local credentials 
and not by credentials of Tacacs server.


Temp>en
password:
% Error in authentication.

1 Accepted Solution

Accepted Solutions

edwardcollins7
Level 1
Level 1

Hey,

Please share :

debug aaa authentication

debug aaa authorizarion

debug tacacs+

Regards

Ed

View solution in original post

2 Replies 2

edwardcollins7
Level 1
Level 1

Hey,

Please share :

debug aaa authentication

debug aaa authorizarion

debug tacacs+

Regards

Ed

Hi Edward,

Thanks for taking interest in my query. I have myself found a working solution for this. I have removed command aaa authentication enable default group tacacs+ enable and I was able to enter privilege mode from local enable password.