Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
428
Views
0
Helpful
2
Replies

Tacacs not authenticating in secure ACS

Go to solution
christopher-j
Level 1
Level 1

‎07-07-2014 04:21 AM - edited ‎03-03-2019 07:30 AM

My network has a Secure ACS ver 5.30.40 and client 3750 IOS 12.2(44)SE5

aaa new-model

aaa authentication login default local group tacacs+

aaa authentication enable default group tacacs+ enable

aaa authentication console

aaa authentication exec default group tacacs+ local

aaa accounting command 15 default start-stop tacacs+

tacacs-server host X.X.X.X

tacacs-server directed-request

tacacs-server key X.X.X.X:

When a user attempts to login and access deny is returned.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Lisa Latour

‎08-30-2014 12:22 PM

I do not have a good understanding of the problem described by the original poster. There are multiple authentication methods configured and it is not clear which of them the user might be using. Lacking any specific information I will assume that this is the authentication method in question

aaa authentication login default local group tacacs+

And there is something unusual about this configuration. It specifies the primary authentication method as local with tacacs as the backup method. The more usual configuration would look like this

aaa authentication login default  group tacacs+ local

 

I also find the description of the problem confusing. The original poster says that access deny is returned which sounds like he is seeing tacacs activity. But if I am correct about the authentication method being used then local authentication is the primary method. Perhaps the original poster can provide some clarification.

 

HTH

 

Rick

HTH

Rick

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Lisa Latour
Level 6
Level 6

‎08-27-2014 10:31 AM

hello - this discussion was originally published in a community that does not show discussions. as well as is not an area for technical questions.  I will move this post to Network Infrastructure Other subjects.

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Lisa Latour

‎08-30-2014 12:22 PM

I do not have a good understanding of the problem described by the original poster. There are multiple authentication methods configured and it is not clear which of them the user might be using. Lacking any specific information I will assume that this is the authentication method in question

aaa authentication login default local group tacacs+

And there is something unusual about this configuration. It specifies the primary authentication method as local with tacacs as the backup method. The more usual configuration would look like this

aaa authentication login default  group tacacs+ local

 

I also find the description of the problem confusing. The original poster says that access deny is returned which sounds like he is seeing tacacs activity. But if I am correct about the authentication method being used then local authentication is the primary method. Perhaps the original poster can provide some clarification.

 

HTH

 

Rick

HTH

Rick
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents