I agree with Christopher I think, if what he is saying is to prevent being
denied access if the TACACS server is down in AAA set the method list to
first goto to TACACS then local for access. That way in the case the TACACS
server is down it would goto a local database next.
>>>Brian
>From: "Kane, Christopher A." <[EMAIL PROTECTED]>
>Reply-To: "Kane, Christopher A." <[EMAIL PROTECTED]>
>To: "'Kathy Miihalisko'" <[EMAIL PROTECTED]>, Ric Messier
><[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>Subject: RE: TACACS and console port
>Date: Fri, 29 Dec 2000 09:09:07 -0500
>
>Couldn't you add a "login local" to the AUX port? That way in the event you
>can't reach the TACACS, you can gain access via authentication from the
>local database. For instance, you only have one WAN connection, and it's
>down, but can reach the router via OOB.
>
>Chris
>
>-----Original Message-----
>From: Kathy Miihalisko [mailto:[EMAIL PROTECTED]]
>Sent: Friday, December 29, 2000 8:42 AM
>To: Ric Messier; [EMAIL PROTECTED]
>Subject: RE: TACACS and console port
>
>
>Provided there are no "backdoors" or backup tacacs, it should fail.
>
>Kathy "Katyusha" M.
>
>-----Original Message-----
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
>Ric Messier
>Sent: Friday, December 29, 2000 7:41 AM
>To: [EMAIL PROTECTED]
>Subject: TACACS and console port
>
>
>Hi,
> Quick question, because I'm away from a lab that would give me the
>ability
>to test this. If I have authentication on my console/aux ports set to
>TACACS
>and my TACACS server goes down, what happens if I connect to either of
>those
>ports (say the AUX port with a modem)? Do I get denied or allowed? ie, do
>we
>fail open or closed?
>
>Thanks,
>Ric
>
>_________________________________
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>_________________________________
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>_________________________________
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
