4 tacacs+ troubleshooting, Tacacs, Roubleshooting – PLANET WGSW-52040 User Manual

A computer connects to a switch, of which the IP address is 10.1.1.2 and connected with a

TACACS+ authentication server; IP address of the server is 10.1.1.3 and the authentication

port is defaulted at 49, set telnet log on authentication of the switch as tacacs local, via using

TACACS+ authentication server to achieve telnet user authentication.

Switch(config)#interface vlan 1

Switch(Config-if-vlan1)#ip address 10.1.1.2 255.255.255.0

Switch(Config-if-vlan1)#exit

Switch(config)#tacacs-server authentication host 10.1.1.3

Switch(config)#tacacs-server key test

Switch(config)#authentication line vty login tacacs

46.4 TACACS+ Troubleshooting

In configuring and using TACACS+, the TACACS+ may fail to authentication due to reasons

such as physical connection failure or wrong configurations. The user should ensure the

following:



First good condition of the TACACS+ server physical connection.



Second all interface and link protocols are in the UP state (use “show interface”

command).



Then ensure the TACACS+ key configured on the switch is in accordance with the one

configured on TACACS+ server.



Finally ensure to connect to the correct TACACS+ server.

46-173