TACACS enable problem

tedauction
Level 1

Hello, I have TACACS login authentication configured on my 2960 running 12.2(44)SE5.

The problem is that when I break my connection to the TACACS server (for testing failover local login) I keep on getting prompted with the following:

Switch>enable
% Error in authentication.

 

How do I remove the need for an enable password?

P.S. I know I can do it by entering 'privilege level 15' on the line con, but I don't want to do this as some of my users should not have such a high privilege level.

 

Here is my current config:

 

Current configuration : 2096 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
username myUser privilege 15 password 0 abc123
aaa new-model
!
!
aaa authentication login default group tacacs+ local
aaa authentication login CONSOLE local
aaa authentication enable default group tacacs+ enable
aaa authorization config-commands

aaa authorization exec default local if-authenticated
aaa authorization commands 1 default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ local if-authenticated
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
!
!
!
aaa session-id common
system mtu routing 1500
ip subnet-zero
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/1
switchport trunk allowed vlan 57
switchport mode trunk
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan57
ip address 10.100.7.57 255.255.255.0
no ip route-cache
!
ip default-gateway 10.100.7.1
ip http server
ip tacacs source-interface Vlan57
tacacs-server host 10.21.250.212
tacacs-server timeout 10
tacacs-server directed-request
tacacs-server key RUc=U@3.n6:`%aZP3~nV
!
control-plane
!
!
line con 0
login authentication CONSOLE
line vty 5 15
!
end


johnd2310
Level 8

Hi,

 

Are you doing the test from the console or telnet/ssh?

 

Thanks

John

**Please rate posts you find helpful**

I am running the test from the console.

Hi,

In your config have you configured enable secret or enable password?

 

Thanks

John

**Please rate posts you find helpful**

No, I do not have any enable password configured.

Hi,

 

You need to configure enable secret.

 

Thanks

John

**Please rate posts you find helpful**
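
An added example, not part of the thread and not Cisco tooling: a Python check that reads a saved running-config and flags the situation discussed above, where `aaa authentication enable default` falls back to the `enable` method but no enable secret or password exists for it to check against. The sample config is constructed from the AAA lines of the posted configuration, and the function names are hypothetical.

```python
import re

# Constructed sample: the AAA-relevant lines of the configuration posted above.
SAMPLE_CONFIG = """\
username myUser privilege 15 password 0 abc123
aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication login CONSOLE local
aaa authentication enable default group tacacs+ enable
line con 0
 login authentication CONSOLE
"""

ENABLE_LIST = re.compile(r"^aaa authentication enable default\s+(.+)$")
ENABLE_CRED = re.compile(r"^enable (secret|password)\b")

def parse_methods(spec):
    """Split a method list into ordered methods, keeping 'group X' together."""
    tokens, methods, i = spec.split(), [], 0
    while i < len(tokens):
        if tokens[i] == "group" and i + 1 < len(tokens):
            methods.append("group " + tokens[i + 1])
            i += 2
        else:
            methods.append(tokens[i])
            i += 1
    return methods

def audit_enable_fallback(config_text):
    """Report how enable authentication behaves when no AAA server answers."""
    lines = [line.strip() for line in config_text.splitlines()]
    has_cred = any(ENABLE_CRED.match(line) for line in lines)
    findings = []
    for line in lines:
        m = ENABLE_LIST.match(line)
        if not m:
            continue
        # Methods after the server group are only tried when the group errors out.
        fallbacks = [x for x in parse_methods(m.group(1))
                     if not x.startswith("group ")]
        if not fallbacks:
            findings.append("no-fallback: enable fails when no server answers")
        if "enable" in fallbacks and not has_cred:
            findings.append("missing-credential: 'enable' fallback has no "
                            "enable secret/password to check against")
    return findings

if __name__ == "__main__":
    print(audit_enable_fallback(SAMPLE_CONFIG))
```
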