-----Original Message-----
From: wei li [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 29, 2000 11:43 AM
To: Brian Lodwick
Subject: RE: TACACS and console port
I remebered you could configure CISCO router to record the password which is
got from TACACS last time. In case TACACS is gone, router would use the
password which is recorded at the lastest time.
Wei Li
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Brian Lodwick
Sent: Friday, December 29, 2000 10:23 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: TACACS and console port
I agree with Christopher I think, if what he is saying is to prevent being
denied access if the TACACS server is down in AAA set the method list to
first goto to TACACS then local for access. That way in the case the TACACS
server is down it would goto a local database next.
>>>Brian
>From: "Kane, Christopher A." <[EMAIL PROTECTED]>
>Reply-To: "Kane, Christopher A." <[EMAIL PROTECTED]>
>To: "'Kathy Miihalisko'" <[EMAIL PROTECTED]>, Ric Messier
><[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>Subject: RE: TACACS and console port
>Date: Fri, 29 Dec 2000 09:09:07 -0500
>
>Couldn't you add a "login local" to the AUX port? That way in the event you
>can't reach the TACACS, you can gain access via authentication from the
>local database. For instance, you only have one WAN connection, and it's
>down, but can reach the router via OOB.
>
>Chris
>
>-----Original Message-----
>From: Kathy Miihalisko [mailto:[EMAIL PROTECTED]]
>Sent: Friday, December 29, 2000 8:42 AM
>To: Ric Messier; [EMAIL PROTECTED]
>Subject: RE: TACACS and console port
>
>
>Provided there are no "backdoors" or backup tacacs, it should fail.
>
>Kathy "Katyusha" M.
>
>-----Original Message-----
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
>Ric Messier
>Sent: Friday, December 29, 2000 7:41 AM
>To: [EMAIL PROTECTED]
>Subject: TACACS and console port
>
>
>Hi,
> Quick question, because I'm away from a lab that would give me the
>ability
>to test this. If I have authentication on my console/aux ports set to
>TACACS
>and my TACACS server goes down, what happens if I connect to either of
>those
>ports (say the AUX port with a modem)? Do I get denied or allowed? ie, do
>we
>fail open or closed?
>
>Thanks,
>Ric
>
>_________________________________
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>_________________________________
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>_________________________________
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
_________________________________
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
