I think I can answer the first couple questions.
If the user authentication fails to the first server the second server
will NOT be contacted.
The reason for a second server is if the first server fails to respond
to an authentication request. A third server can even be configured,
and it is wise to use the 'local' setting at the end of that command,
unless you do not want any access while all the authentication servers
are not responding.
Last, I am almost positive that authentication has to happen first.
Jim
Eric Gunn wrote:
> If more than 1 tacacs server is defined in a config what would happen if
>
> The user dosen't authenticate, it will NOT contact the second server correct?
>
> The only reason to have a second server assigned is if the first one is not
> responding, in which case the config would allow for use of the second server.
>
> Also Authentication must take place before anything can happen.
>
> I know I some of these questions are basic, I just want to verify and see
> if I am misunderstanding something.
>
>
> Thanks,
>
> --Eric
>
> _________________________________
> FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
