Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2325
Views
2
Helpful
3
Replies

tacacs server command is not recognized

lietadielko
Level 1
Level 1

‎09-27-2021 08:40 AM

Hi, 

 

can anybody get me a clear view what is going on?

I am not able to configure the "tacacs server XYZ" command, a newer format that replace "tacacs-server ip/key"

I am using the latest 17.3.4, and the command "tacacs server ..." was introduced in the version 16.5.1a

I am using Cat9410 switches.

 

I am missing something?

Command History for 

 ReleaseModification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

 

 

 

FRU01.C9410-1(config)#do sh install sum
[ R0 ] Installed Package(s) Information:
State (St): I - Inactive, U - Activated & Uncommitted,
C - Activated & Committed, D - Deactivated & Uncommitted
--------------------------------------------------------------------------------
Type St Filename/Version
--------------------------------------------------------------------------------
IMG C 17.03.04.0.5557

--------------------------------------------------------------------------------
Auto abort timer: inactive
--------------------------------------------------------------------------------


FRU01.C9410-1(config)#tacacs server tacacs
^
% Invalid input detected at '^' marker.


FRU01.C9410-1(config)#tacacs-server key ?

0 Specifies an UNENCRYPTED key will follow
6 Specifies an ENCRYPTED key will follow
7 Specifies HIDDEN key will follow
LINE The UNENCRYPTED (cleartext) shared key

FRU01.C9410-1(config)#tacacs-server key

 

thx.Martin

Labels:
0 Helpful
3 Replies 3

lietadielko
Level 1
Level 1

‎09-27-2021 08:47 AM

also recommended for all 17.3.x releases directly on cisco.com

 

TACACS legacy command: Do not configure the legacy tacacs-server host command; this command is deprecated. If the software version running on your device is Cisco IOS XE Gibraltar 16.12.2 or
a later release, using the legacy command can cause authentication failures. Use the tacacs server command in global configuration mode

(so I have to use it but I cannot :D) 

lietadielko
Level 1
Level 1

‎09-27-2021 08:52 AM

oki, I found it, I had to enable "aaa commands" first. then it was working.

 

 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎09-27-2021 03:21 PM

 

Device> enable
Device# configure terminal
Device(config)# aaa new-model
Device(config)# tacacs server server1
Device(config-server-tacacs)# end

 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9400/software/release/17-3/command_reference/b_173_9400_cr/security_commands.html#wp3900897971

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card