Re: Cisco ACS/Telnet config [7:27648]

Thu, 29 Nov 2001 06:45:05 -0800 

The reason you can not telnet into the router is because you have the
default login method pointing to a tacacs server.  But you have not defined
the tacacs server in the configuration.

Because you do not give it a backup method when the tacacs server is down,
you are denied.

Try the following modification:

username backup password bosco
aaa authentication login default tacacs+ local


This way, when the tacacs server is down you will be prompted for the local
username and password wich is:
    username: backup
    password: bosco


Paul Borghese


----- Original Message -----
From: "Richard" 
To: 
Sent: Thursday, November 29, 2001 12:20 AM
Subject: Cisco ACS/Telnet config [7:27648]


> Looking at the config below,  can anyone tell me where I might go wrong
that
> prevent me from telneting to this router?  I am able to use the same
account
> from Cisco ACS 2.6 to log onto the console, but not through telnet.
>
> Thanks in advance for your help
>
>
>
> Current configuration:
> !
> version 12.0
> service timestamps debug uptime
> service timestamps log uptime
> no service password-encryption
> !
> hostname Router
> !
> aaa new-model
> aaa authentication login default tacacs+
> aaa authentication login no_tacacs enable
> aaa authentication enable default tacacs+
> aaa authentication ppp default tacacs+
> aaa authorization exec default tacacs+
> aaa authorization exec no_tacacs local
> aaa authorization network default tacacs+
> aaa authorization network no_tacacs local
> aaa accounting exec default start-stop tacacs+
> aaa accounting network default start-stop tacacs+
> enable password enable
> !
> ip subnet-zero
> !
> !
> !
> interface Ethernet0
>  ip address 5.1.1.4 255.255.255.0
>  no ip directed-broadcast
> !
> interface Serial0
>  no ip address
>  no ip directed-broadcast
>  no ip mroute-cache
>  shutdown
>  no fair-queue
> !
> interface Serial1
>  no ip address
>  no ip directed-broadcast
>  shutdown
> !
> ip classless
> !
> tacacs-server host 5.1.1.1 single-connection
> tacacs-server key cisco
> !
> line con 0
>  transport input none
> line aux 0
> line vty 0 4
>  password line
> !
> end




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27674&t=27648
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to