11-26-2015 01:30 PM - edited 03-08-2019 02:52 AM
Hi !
I have to return back to local authentication process without AAA process, on one switch running CatOS 8.4.6
I have those command configured :
#authorization
set authorization exec enable tacacs+ none console
set authorization exec enable tacacs+ none telnet
set authorization commands enable all tacacs+ none telnet
#accounting
set accounting exec enable start-stop tacacs+
set accounting connect enable start-stop tacacs+
set accounting commands enable all stop-only tacacs+
#tacacs+
set tacacs server server_IP
set tacacs key key
!
#authentication
set authentication login tacacs enable telnet primary
I need also to configure username/password for telnet access instead
is someone can help me with this ?
11-27-2015 07:56 AM
Hello Xine,
Configure below command to create local user data base for authentication.
set localuser user poweruser password powerpass privilege 15
and you can enable line vty 0 15 access by applying acces group applying acl with subnet allowed.
Have look on this link authentication with Cat OS
Hope it Helps..
-GI
Rate if it Helps..
11-30-2015 06:14 PM
Hi !
in my case that command was not enough to enable and completely remove TACACS authentication from my switch....
I had to also enable local authentication on my switch which is explain in the following post :
https://supportforums.cisco.com/discussion/9672281/catos-individual-user-ids#comment-1593456
You can do that on Cat OS also. Rick, its possible and I have myself used it on my 6K's.
commands are:
set localuser authentication {enable | disable}
set localuser user username [password pwd] [privilege privilege_level]
set localuser password [user username]
the command reference is not working anymore....
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide