I've posted this problem but didn't get much response. I really
need help on this problem. I need help in configuring both the TACACS+
server and the Network Access Server (NAS). I am currently running the
TACACS+ server on Linux RedHat 7 with kernel 2.4.2. I am running the
NAS on a cisco 2610 router with IOS 12.0.15 Enterprise plus with ipsec
capability. I am running TACACS server version tac_plus-F4.0.3.alpha-7.
Here is the configuration of the tacacs configuration file:
key = "helpme"
user = xyz {
member = admin
login = des 7bYbKxc
}
user = abc {
member = admin
login = des YZdX64CcM
}
user = def {
service = exec {
default attribute = permit
}
member = normal
login = des 3zz3A/3Nc7RCU
expires = "Mar 08 2002"
}
group = admin {
default service = permit
service = exec {
priv-lvl = 15
}
}
group = normal {
}
user = $enab15$ {
login = cleartext "Ineedhelp"
}
Here is the what I configure on the NAS:
aaa new-model
aaa authentication login usetacacs tacacs+ local enable
aaa authentication login usenone none
aaa authorization commands 1 usetacacs1 tacacs+
enable secret 5 $1gGfwBcXfakuNKYSV0
tacacs-server host 172.16.1.23
tacacs-server key helpme
line vty 0 4
authorization commands 1 usetacacs1
login authentication usetacacs
I would like to be able to make both users abc and xyz to be
able to go into the privilege mode (enable) each with their
own password. Right now, even though abc and xyz can
access the NAS, they have to share the enable secret
password which is something I like to avoid. How can I
make this happen? What am I doing wrong here? Please
help... I am desperate...
Many thanks.....
Sean
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
