09-03-2003 06:18 AM - edited 03-10-2019 07:28 AM
I am trying to configure TACACS+ on my Cisco devices. I have my ACS server up and running, and when someone tries to log in to the devices I want them to authenticate with the ACS server, but I cannot get it to work, let alone the authorization and accounting commands. Can someone help me with this? Thanks.
09-03-2003 07:18 AM
What I am trying to accomplish is to have the ACS (2.6) server use the Windows NT database and, if the devices cannot contact the server, to fall back to user names and accounts on the device.
09-03-2003 11:04 AM
Compare this basic config with yours.
aaa new-model
aaa authentication login default group tacacs+ local
aaa accounting exec default start-stop group tacacs+
username admin password admin
ip tacacs source-interface loopback0
tacacs-server host 10.1.51.75 key XYZ
The "local" entry at the end of the line indicates the fallback mechanism. This can be changed to the enable password, line password or none. Be careful with "none" though, if it is configured to none and your tacacs server is down, you are locked out of the router.
This should work. If not, send your config or explain in more detail.
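An added example, not part of the thread and not a Cisco tool: a small Python check that reads an IOS-style config like the one in the reply above and reports problems with the login method list and its fallback. The function names and finding strings are hypothetical, and the sample config is constructed from the reply.

```python
# Constructed sample input, based on the basic config in the reply above.
SAMPLE = """\
aaa new-model
aaa authentication login default group tacacs+ local
aaa accounting exec default start-stop group tacacs+
username admin password admin
ip tacacs source-interface loopback0
tacacs-server host 10.1.51.75 key XYZ
"""

def login_methods(line):
    """Split 'aaa authentication login <list> <methods...>' into (list, methods)."""
    name, *rest = line.split()[3:]
    methods, i = [], 0
    while i < len(rest):
        if rest[i] == "group" and i + 1 < len(rest):
            methods.append("group " + rest[i + 1])  # 'group tacacs+' is one method
            i += 2
        else:
            methods.append(rest[i])
            i += 1
    return name, methods

def audit(config):
    """Return a list of findings about login authentication and its fallback."""
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    findings = []
    if "aaa new-model" not in lines:
        findings.append("aaa new-model missing")
    has_server = any(l.startswith("tacacs-server host ") for l in lines)
    users = [l.split() for l in lines if l.startswith("username ")]
    lists = [login_methods(l) for l in lines
             if l.startswith("aaa authentication login ")]
    for name, methods in lists:
        if "group tacacs+" in methods and not has_server:
            findings.append(f"{name}: tacacs+ used but no tacacs-server host")
        if methods == ["group tacacs+"]:
            findings.append(f"{name}: no fallback method after tacacs+")
        if "local" in methods and not users:
            findings.append(f"{name}: local fallback but no username defined")
        if "none" in methods:
            findings.append(f"{name}: 'none' in method list, review")
    for u in users:
        # First credential keyword decides how the device stores the credential.
        kw = next((t for t in u[2:] if t in ("password", "secret")), None)
        if kw == "password":
            findings.append(f"username {u[1]}: 'password' used, 'secret' stores a hash")
    return findings
```

Calling `audit(SAMPLE)` returns a single finding, about the local `username admin password admin` entry that the fallback depends on.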