[c-nsp] Catalyst 2960G & Tacacs

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Mon May 19 12:05:21 EDT 2008


Hi,
> HI,
> 
>  
> 
> I met some difficulties to set up my switch 2960G with tacacs. I have configured a username in local and set an authentification list as follow :

you need to configure the groups for it to use local if server fails.

eg

aaa authentication login default group tacacs+ enable
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ if-authenticated
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+

tacacs-server host 192.168.1.0
tacacs-server host 192.168.0.255
tacacs-server key 7 <crackable secret>


alan


More information about the cisco-nsp mailing list