[Config] cisco tacacs

I just set up tacacs+ on Red Hat and am having issues. What am I missing?
Here is my config and the debug

hostname Home
!
logging rate-limit console 10 except errors
aaa new-model
!
!
aaa authentication login tac group tacacs+ enable
aaa authentication enable default group tacacs+ enable
enable secret 5 Password Removed
enable password 7 Password Removed
!
username cisco password 7 Password Removed
interface Ethernet0
 ip address 192.168.1.105 255.255.255.0
 no cdp enable
tacacs-server host 192.168.1.102
tacacs-server timeout 15
tacacs-server key cisco
!
line con 0
 exec-timeout 120 0
 transport input none
 stopbits 1
line vty 0 4
 exec-timeout 0 0
 login authentication tac

Home#debug tacacs
TACACS access control debugging is on
Home#
00:22:47: TPLUS: Queuing AAA Authentication request 7 for processing
00:22:47: TPLUS: processing authentication start request id 7
00:22:47: TPLUS: Authentication start packet created for 7()
00:22:47: TPLUS: Using server 192.168.1.102
00:22:47: TPLUS(00000007): Select released but nopeername.. Failover

**sensitive info removed -nozero...
rolande (Premium, Mod; joined 2002-05-24; Prosper, TX):

First of all, please remove any and all passwords, especially your enable secret from the config above. Secondly, have you looked at the log for TACACS on your Linux server? I don't think you are successfully communicating with the TACACS server. Does the TACACS server use source address filtering? If so, make sure that it is accepting connections from your router's IP address.
-- Ignorance is temporary...stupidity lasts forever!
The passwords are just temporary and it is on a temp network not attached to anything right now. I will try to find the tacacs log and see if it shows anything. I am not using any source address filtering in my config.
rolande (Premium, Mod; joined 2002-05-24; Prosper, TX):

Are you running TACACS on the default TCP port 49 on your Linux server? If not, then this is your problem. Either change the listening port on your server to TCP 49 or change your router to use the port your server is listening on like the example below.

tacacs-server host 192.168.1.102 <port#>

-- Ignorance is temporary...stupidity lasts forever!
reply to jvltech: Now I get garbage on the screen and when I hit authorization failed.
reply to rolande: Here is what my logging on the router is showing. Any help?

03:10:38: TPLUS: Queuing AAA Authentication request 25 for processing
03:10:38: TPLUS: processing authentication start request id 25
03:10:38: TPLUS: Authentication start packet created for 25()
03:10:38: TPLUS: Using server 192.168.1.102
03:10:38: TPLUS(00000019): connected to server 192.168.1.102
03:10:38: TPLUS: response received for AAA request 25
03:10:38: TPLUS: Received authentication response with status FAIL
03:10:40: TPLUS: Queuing AAA Authentication request 25 for processing
03:10:40: TPLUS: processing authentication start request id 25
03:10:40: TPLUS: Authentication start packet created for 25()
03:10:40: TPLUS: Using server 192.168.1.102
03:10:40: TPLUS(00000019): connected to server 192.168.1.102
03:10:40: TPLUS: response received for AAA request 25
03:10:40: TPLUS: Received authentication response with status FAIL
03:10:42: TPLUS: Queuing AAA Authentication request 25 for processing
03:10:42: TPLUS: processing authentication start request id 25
03:10:42: TPLUS: Authentication start packet created for 25()
03:10:42: TPLUS: Using server 192.168.1.102
03:10:42: TPLUS(00000019): connected to server 192.168.1.102
03:10:42: TPLUS: response received for AAA request 25
03:10:42: TPLUS: Received authentication response with status FAIL
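The two `debug tacacs` excerpts in this thread show the two failure modes that matter when bringing up TACACS+: the first ends in "Select released but nopeername.. Failover" (the router never got a TCP session to the server, which is what a wrong port or a server that is not listening looks like), the second ends in "connected to server ... status FAIL" (the transport works and the server itself rejected the login). The script below is an added example, not code from anyone in the thread; it groups the debug lines by request id (note that the id in `TPLUS(00000019)` is hex, so it is the same request as the decimal `request 25`) and reports which of the two states each request ended in. The sample log text is the thread's own output, re-split one event per line.

```python
import re
from collections import defaultdict

# Constructed samples: the two `debug tacacs` excerpts posted in this thread,
# split one event per line (the originals were pasted as a single run-on line).
LOG_NO_CONNECTION = """\
00:22:47: TPLUS: Queuing AAA Authentication request 7 for processing
00:22:47: TPLUS: processing authentication start request id 7
00:22:47: TPLUS: Authentication start packet created for 7()
00:22:47: TPLUS: Using server 192.168.1.102
00:22:47: TPLUS(00000007): Select released but nopeername.. Failover
"""

LOG_SERVER_FAIL = """\
03:10:38: TPLUS: Queuing AAA Authentication request 25 for processing
03:10:38: TPLUS: processing authentication start request id 25
03:10:38: TPLUS: Authentication start packet created for 25()
03:10:38: TPLUS: Using server 192.168.1.102
03:10:38: TPLUS(00000019): connected to server 192.168.1.102
03:10:38: TPLUS: response received for AAA request 25
03:10:38: TPLUS: Received authentication response with status FAIL
"""

# "TPLUS: <msg>" or "TPLUS(<hex request id>): <msg>"
TPLUS_RE = re.compile(r"TPLUS(?:\(([0-9A-Fa-f]+)\))?: (.*)$")
# Decimal request id as written in "request 7", "request id 7", "AAA request 25"
REQ_ID_RE = re.compile(r"\brequest (?:id )?(\d+)\b")

ADVICE = {
    "no-tcp-connection": "the router never completed a TCP session to the server: "
        "check that tac_plus is running and listening on TCP 49 (or that the "
        "router's tacacs-server host line names the port the server uses) and "
        "that nothing between them filters that port",
    "server-rejected": "the TCP session was established and the server answered "
        "FAIL, so the transport is fine: check the username/password and the "
        "user's group on the server, and read the tac_plus log for the reason",
    "server-accepted": "authentication succeeded",
    "incomplete": "no terminal event seen for this request (more debug output needed)",
}

def triage_tplus(debug_output):
    """Group `debug tacacs` lines by request id and return {id: verdict}.

    TPLUS(<hex>) lines carry the id in hex (0x19 == 25); the plain TPLUS lines
    carry it in decimal, so both are normalised to an int. Intermediate statuses
    (GETUSER, GETPASS) are overwritten by the last status seen for the request.
    """
    state = defaultdict(lambda: {"server": None, "connected": False,
                                 "failover": False, "status": None})
    current = None
    for line in debug_output.splitlines():
        m = TPLUS_RE.search(line)
        if not m:
            continue
        hex_id, msg = m.groups()
        if hex_id is not None:
            current = int(hex_id, 16)
        else:
            n = REQ_ID_RE.search(msg)
            if n:
                current = int(n.group(1))
        if current is None:
            continue
        rec = state[current]
        if msg.startswith("Using server"):
            rec["server"] = msg.split()[-1]
        elif "connected to server" in msg:
            rec["connected"] = True
        elif "Failover" in msg:
            rec["failover"] = True
        elif "response with status" in msg:
            rec["status"] = msg.rsplit(None, 1)[-1]

    verdicts = {}
    for rid, rec in state.items():
        if rec["failover"] and not rec["connected"]:
            verdicts[rid] = "no-tcp-connection"
        elif rec["connected"] and rec["status"] == "FAIL":
            verdicts[rid] = "server-rejected"
        elif rec["connected"] and rec["status"] == "PASS":
            verdicts[rid] = "server-accepted"
        else:
            verdicts[rid] = "incomplete"
    return verdicts

if __name__ == "__main__":
    for name, log in (("first post", LOG_NO_CONNECTION), ("after port fix", LOG_SERVER_FAIL)):
        for rid, verdict in triage_tplus(log).items():
            print(f"{name}: request {rid}: {verdict} -> {ADVICE[verdict]}")
```

Run against the first excerpt it reports request 7 as `no-tcp-connection`; against the second it reports request 25 as `server-rejected`, which is exactly the transition the thread went through once the port problem was fixed and the remaining failure moved to the server side.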
reply to jvltech: I rebooted my linux server and now it is working
reply to jvltech: OK, I can log into my router but when I try to enable it gives me an Error in authentication. Any ideas?
rolande (Premium, Mod; joined 2002-05-24; Prosper, TX):

You have TACACS set to only trigger for enable mode. Are you sure you have the right userID and password? Second, I believe you have to give Privilege 15 rights to the user on your TACACS server, when you set it for enable mode authentication.
-- Ignorance is temporary...stupidity lasts forever!
LilYoda (Premium; joined 2004-09-02; Mountains), reply to jvltech:

Router config

aaa new-model
aaa authentication fail-message # Authentication failed. #
aaa authentication login default line
aaa authentication login TACACS group tacacs+ line
aaa authorization config-commands
aaa authorization console
aaa authorization exec default group tacacs+
aaa authorization commands 1 default group tacacs+
aaa authorization commands 15 default group tacacs+
tacacs-server host 192.168.X.X
tacacs-server key XYZXYZXYZXYZYXYZ
line con 0
 login authentication TACACS
line aux 0
 login authentication TACACS
line vty 0 4
 login authentication TACACS

On the Tacacs server (example with a tac_plus server)

key = "XYZXYZXYZXYZYXYZ"
group = admin {
    default service = permit
    service = exec {
        priv-lvl=15
    }
    service = shell {
        priv-lvl=15
    }
}
user = admin {
    login = cleartext XXXXXXXX
    member = admin
}

This will put you in enable mode directly when you log in as admin. It will also default to the line password when the tacacs server is unreachable.
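Two things have to line up between the router and tac_plus for LilYoda's setup to work: the shared key on both sides must be identical, and the user's group must grant `priv-lvl=15` under `service = exec`, which is the point rolande raises about Privilege 15. The checker below is an added example and is not code from the thread or from the tac_plus project; it parses both configuration snippets with small regex/brace-counting routines and lists mismatches. The IP, key and password values are placeholders, and the sample goes a little beyond the post by adding a hypothetical `readonly` group and `helpdesk` user to show what the priv-lvl check reports. On the IOS side it handles the plain `tacacs-server key <string>` form, the `0`/`7` encoding prefixes, and the `port <n>` keyword on the `tacacs-server host` line.

```python
import re

# Constructed sample router config modelled on LilYoda's snippet (placeholder address/key).
IOS_CONFIG = """\
aaa new-model
aaa authentication login TACACS group tacacs+ line
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+
tacacs-server host 192.0.2.10
tacacs-server key XYZXYZXYZXYZYXYZ
line vty 0 4
 login authentication TACACS
"""

# Constructed sample tac_plus config; the readonly/helpdesk entries are hypothetical additions.
TAC_PLUS_CONFIG = """\
key = "XYZXYZXYZXYZYXYZ"
group = admin {
    default service = permit
    service = exec {
        priv-lvl=15
    }
    service = shell {
        priv-lvl=15
    }
}
group = readonly {
    service = exec {
        priv-lvl=1
    }
}
user = admin {
    login = cleartext XXXXXXXX
    member = admin
}
user = helpdesk {
    login = cleartext XXXXXXXX
    member = readonly
}
"""

def parse_ios_tacacs(text):
    """Return the (ip, port) servers and the shared key from an IOS config."""
    servers, key = [], None
    for line in text.splitlines():
        t = line.split()
        if t[:2] == ["tacacs-server", "host"] and len(t) >= 3:
            port = 49                                   # TACACS+ default port
            if "port" in t[3:]:
                i = t.index("port")
                if i + 1 < len(t) and t[i + 1].isdigit():
                    port = int(t[i + 1])
            servers.append((t[2], port))
        elif t[:2] == ["tacacs-server", "key"] and len(t) >= 3:
            if t[2] == "0" and len(t) >= 4:             # `key 0 <string>`: cleartext
                key = t[3]
            elif t[2] == "7" and len(t) >= 4:           # `key 7 <string>`: type-7 obscured
                key = ("type7", t[3])
            else:
                key = t[2]
    return {"servers": servers, "key": key}

def _blocks(text, kind):
    """Return {name: body} for top-level `<kind> = <name> { ... }` blocks,
    counting braces so nested `service = exec { ... }` blocks stay inside."""
    out = {}
    for m in re.finditer(r"^\s*%s\s*=\s*(\S+)\s*\{" % kind, text, re.M):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        out[m.group(1)] = text[m.end():i - 1]
    return out

def parse_tac_plus(text):
    """Extract the key, each group's exec priv-lvl, and each user's group and password form."""
    km = re.search(r'^\s*key\s*=\s*"([^"]*)"', text, re.M)
    groups = {}
    for name, body in _blocks(text, "group").items():
        em = re.search(r"service\s*=\s*exec\s*\{([^}]*)\}", body)
        pm = re.search(r"priv-lvl\s*=\s*(\d+)", em.group(1)) if em else None
        groups[name] = {"exec_priv": int(pm.group(1)) if pm else None}
    users = {}
    for name, body in _blocks(text, "user").items():
        mm = re.search(r"member\s*=\s*(\S+)", body)
        users[name] = {"group": mm.group(1) if mm else None,
                       "cleartext": re.search(r"login\s*=\s*cleartext\b", body) is not None}
    return {"key": km.group(1) if km else None, "groups": groups, "users": users}

def check_consistency(ios_text, tac_text, user):
    """Return a list of findings; an empty list means both sides line up for `user`."""
    ios, tac = parse_ios_tacacs(ios_text), parse_tac_plus(tac_text)
    findings = []
    if not ios["servers"]:
        findings.append("router has no tacacs-server host line")
    if ios["key"] is None:
        findings.append("router has no tacacs-server key; the server cannot decrypt its packets")
    elif isinstance(ios["key"], tuple):
        findings.append("router key is type-7 obscured; compare it with the tac_plus key by hand")
    elif ios["key"] != tac["key"]:
        findings.append("shared key differs between router and tac_plus")
    u = tac["users"].get(user)
    if u is None:
        findings.append(f"user {user!r} is not defined on tac_plus")
        return findings
    g = tac["groups"].get(u["group"])
    if g is None:
        findings.append(f"user {user!r} is not a member of any defined group")
    elif g["exec_priv"] != 15:
        findings.append(f"group {u['group']!r} does not grant exec priv-lvl 15; "
                        f"{user!r} will not land in enable mode")
    if u["cleartext"]:
        findings.append(f"user {user!r} password is stored as cleartext in tac_plus.conf")
    return findings
```

For `admin` the only finding is that the password is kept in cleartext in `tac_plus.conf`; for the hypothetical `helpdesk` user the checker reports that its group grants no exec priv-lvl 15, which is the same symptom the thread ran into when enable failed.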