• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1218
  • Last Modified:

AAA authentication question

I have a Cisco ACS server set up (TACACS+/RADIUS) and I'm a little confused about the router settings for this.

here is what works fine...

aaa new-model
aaa authentication login default group tacacs+ local

tacacs-server host key ****

username test password test

So if the ACS server is unavailable, it will use the lcoal database.

But I also want to disable TACACS+ completely on the console port.  I tried this...

aaa authentication login no-tacacs+ enable
line con 0
  login authentication no_tacacs+

But I get an error regarding the group "no-tacacs+"

Looks like I'm mising something here, so any help would be greatly appreciated.
1 Solution
Probably just a typo but I have to check:

login authentication no_tacacs+  (you have the group specified as "no-tacacs+")

no login tacacs
login local


Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now