Which two steps must you perform to allow access to a device when the connection to a remote TACACS+ authentication server fails?

– by 1

Which two steps must you perform to allow access to a device when the connection to a remote TACACS+ authentication server fails? (Choose two.)
A. Configure accounting to reference the log of previously authenticated connections.
B. Include the local keyword in the AAA configuration.
C. Configure the device to accept Telnet and SSH connections.
D. Remove the aaa new model command from the global configuration.
E. Configure a local username and password on the device.

cisco-exams

One thought on “Which two steps must you perform to allow access to a device when the connection to a remote TACACS+ authentication server fails?

  1. BE

    https://www.cisco.com/c/en/us/support/docs/security-vpn/terminal-access-controller-access-control-system-tacacs-/200606-aaa-authentication-login-default-local.html

    Configure these commands on the device in global configuration mode:

    aaa new-model
    aaa authentication login default local group tacacs+
    With just “aaa new model” configured, local authentication is applied to all lines and interfaces (except console line line con 0).

    Here the AAA method list is applied on all login attempts on all lines of the device, where first local database is checked and then if required, Terminal Access Controller Access Control System (TACACS) server is tried.

    username cisco privilege 15 password 0 cisco
    Local user database.

    tacacs-server host 10.20.220.141
    tacacs-server key cisco
    TACACS server configured.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.