I need certain users to authentication their enable password against our TACACS server. To do so I issued: "aaa authentication enable default group TACACS enable" I also want my console line to use the line password and then the local enable password. I have entered : aaa authentication login console line line con 0 password ******* line authentication console The issue is when I make a console connection it prompts me for the line password which works correctly, however then to get to level 15 I type enable and it prompts me for a username. This is because I have the enable default group pointed to the TACACS server first. You cannot create another enable group outside of the default group. Is there a way I can force the console line to instead use the local enable password?