Configure TACACS+ for Admin Logins
July 3rd, 2009
How to configure IOS device for authentication to TACACS server for administrative logins:
! Create a local user and password username admin secret password ! ! Must enable AAA to configure TACACS+ aaa new-model ! ! Define the TACACS server IP address tacacs-server host x.x.x.x key abcdefghijk ! ! Use default for any service that uses authentication ! and use local database if tacacs server is not available aaa authentication login default group tacacs+ local ! ! Get user privileges from TACACS server and grant all ! privileges if TACACS is not available aaa authorization exec default group tacacs+ none ! ! Log to TACACS logging aaa accounting exec default start-stop group tacacs+
