Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1169
Views
0
Helpful
3
Replies

TACACS and Cisco 2500 Async Lines

sean.boston
Level 1
Level 1

‎07-27-2004 01:35 PM - edited ‎03-10-2019 07:55 AM

I have printers connected to a Cisco 2500 and we use reverse telnet for printing to the lines. How do I configure AAA so that it doesn't go to the TACACS server for authentication? I just want the TACACS on the vty, console and aux lines.

Thx

Labels:
0 Helpful
3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

‎07-28-2004 08:15 AM

my suggestion would be to configure a specific authentication method on the lines you do want to authenticate and then to configure the default login authentication to none. This should use tacacs for the lines where real users are logging in and should do nothing for the reverse telnet which is using the default. The relevent parts of the config might look like this:

line con 0

login authentication real_users

line aux 0

login authentication real_users

line vty 0 4

login authentication real_users

aaa authentication login default none

aaa authentication login real_users group tacacs+ line

HTH

Rick

HTH

Rick
0 Helpful

sean.boston
Level 1
Level 1
In response to Richard Burts

‎07-28-2004 02:21 PM

What version of IOS is this command in? The version that I am using the "group" qualifier is not available.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to sean.boston

‎07-29-2004 08:29 AM

The routers I used as a source are running 12.3.

I looked in some older documentation and all you need to do is to omit the group parameter.

So the commands would be:

aaa authentication login default none

aaa authentication login real_users tacacs+ line

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents