cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Tacacs authentication for console access on the switch

3779
Views
5
Helpful
1
Comments

This configuration  configures a tacacs + server for user authentication for console access.

aaa new-model
aaa authentication login console group tacacs+ local
aaa authentication enable console group tacacs+ enable
aaa authorization exec console group tacacs+ local if-authenticated
aaa accounting exec console start-stop group tacacs+
aaa session-id common
tacacs-server host 10.10.10.1
tacacs-server directed-request
tacacs-server key test
ip access-list standard VTY-ACCESS
remark VTY ACCESS
permit 172.24.0.0 0.0.255.255
deny any log
line con 0
exec-timeout 5 0
login authentication console

authorization exec console

transport output telnet
stopbits 1
line vty 0 4
access-class VTY-ACCESS in
exec-timeout 5 0
transport input telnet
transport output telnet
line vty 5 15
transport input none
transport output none

#Please post comments if there are any queries and rate if useful

Comments
Beginner

Hello Minkumar

 

I am having an issue with accessing a new Cisco 9410 console.  Is there another way to access the switch? I think the issue is with the TACAC server.  The switch is offline no TACAC server available. I am trying to complete configuring the switch.... Any assistance is greatly appreciated. I was under the assumption the switch would default to the local login after the 3 minute timeout