Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Configuring TACACS+ on an IOS switch

Status
Not open for further replies.
peanutlife

peanutlife

IS-IT--Management
Jul 6, 2010
1
US
I know that we can configure TACACS+ in this order

aaa new-model
aaa authentication login default group tacacs+ local none
aaa authentication enable default none

Where the user is authenticated against TACACS+ server first and if the server is down, local authentication is used.

Is there a way to reverse it ie, if the user is not found in the local config, then the switch talks to TACACS server. If the user is found in the local config, then the switch does not do TACACS+

something like this

aaa authentication login default local group tacacs+

( I know the above does not work).

 
Sort by date Sort by votes
No. The issue is the local authentication method is always available so there would be no reason to fallback to a 2nd method.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
395
madwok
madwok
jarod_paris
  • Locked
  • Question
firmware for an AP2800 WiFi terminal
Replies
0
Views
309
jarod_paris
jarod_paris
testman1
  • Locked
  • Question
SIP telephone ring on second call
Replies
0
Views
214
testman1
testman1
inlsp05
  • Locked
  • Question
2811 ios start with cf
Replies
0
Views
190
inlsp05
inlsp05
Willi DB
  • Locked
  • Question
Polycom410 Forward an incoming call
Replies
0
Views
155
Willi DB
Willi DB

Part and Inventory Search

Sponsor

Back
Top