cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2013
Views
0
Helpful
5
Replies

C9410R - TACACS+ Server config

ROBERT T
Level 4
Level 4

What is the proper way to configure the TACACS+ server config on a C9410R (SUP1) running 16.12.3a?

The config document says this format

tacacs server <NAME>

   address ipv4 <IP ADDRESS>

   key <KEY>

 

However, that's not an option on the switch. Below is the only option on the switch.

 

HOSTNAME(config)#tac?
tacacs-server

 

When I upgraded a 3650 using the old method to identify the TACACS server, I had to do Password Recovery to fix it. However, that seems to be the only option.

 

Configuration Document I am using.

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/16-12/configuration_guide/sec/b_1612_sec_9500_cg/configuring_tacacs_.html#con_1020721

5 Replies 5

marce1000
VIP
VIP

 

 - Check this document and or also have a look at the Configuation Examples :

   https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_tacacs/configuration/xe-16-12/sec-usr-tacacs-xe-16-12-book/sec-cfg-tacacs.html

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Deepak Kumar
VIP Alumni
VIP Alumni

Hi,

try this:

 

aaa new-model

aaa authentication login default tacacs+ local

!

tacacs-server host 192.168.100.100 <your server IP>
tacacs-server key P0127g
yu <key>

!

line vty 0 4

login authentication default

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

I can use that config, but the document I found states to use the new method, but it doesn't work.

 

What's interesting is that the new method works on the 9300 and the 3650's on 16.6.5 & 16.12.3a, but not on the 9400s running 16.12.3a.

 

Thank you

Hey!

Unfortunately I don't have any Catalyst 9400 to check ..

But I checked on 3850, 9200, 9300 and 9500.. New config style works everywhere.

Really strange that it doesn't work on 9400.

Guess you'll just have to use the old conifg style for TACACS+ config..

BR

Juls

Really, Not sure about the 9400.
Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Review Cisco Networking for a $25 gift card