09-25-2008 07:17 AM - edited 03-10-2019 04:06 PM
Hi,
I have configured accaunting with Tacacs on a 3560 as:
- aaa authentication login default group tacacs+ local none
everything works fine but when I let the tacacs go off-line (ip route to null0) I can still telnet in the 3560 using username and passwords defined on the tacacs server, an it promps me "% Backup authentication", is it correct? I would expect not to be possible to use the same credentials but it should allow the local user database
thanks
Solved! Go to Solution.
09-25-2008 01:32 PM
Try removing "none", command should look like,
aaa authentication login default group tacacs+ local
- At this moment, I think this is happening,
-- Tacacs+ services not available, go for next method,
-- Local account (the username/password combination that you used does not exist on the local database), go for next method,
-- none (you are in)
Regards,
Prem
Please rate if it helps!
09-25-2008 01:32 PM
Try removing "none", command should look like,
aaa authentication login default group tacacs+ local
- At this moment, I think this is happening,
-- Tacacs+ services not available, go for next method,
-- Local account (the username/password combination that you used does not exist on the local database), go for next method,
-- none (you are in)
Regards,
Prem
Please rate if it helps!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: