RE: AAA misbehavior

From: Joseph L. Brunner <joe_at_affirmedsystems.com>
Date: Mon, 1 Feb 2010 03:03:34 -0500

No, that's not misbehavior.

You must have an unreachable tacacs+ server, the second method is local (and you have no local usernames), and then the only option left is NONE.
So your fallback method is none.

Why not?

aaa authentication login ACS group tacacs+ local line

and then

username root privilege 15 secret C1sco#$@

line vty 0 4
password s0m3good1

Now, AAA will have a local username and line password to fall back to if the AAA server fails.

:)

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of CCIE
Sent: Monday, February 01, 2010 2:55 AM
To: 'groupstudy'
Subject: AAA misbehavior

Hi experts,

Strange AAA behavior: I have the configuration below, and the AAA ACS is
running. Whenever I try to access this router it asks for a username; if I
enter anything (not a valid username on the AAA) and then press Enter, it
immediately takes me to privileged access. Please, any advice, because that's
making me crazy.

aaa new-model
aaa authentication login ACS group tacacs+ local none

tacacs-server host 10.0.71.18 key Cisco

line vty 0 15
login authentication ACS
privilege level 15

Regards,

Amin

Received on Mon Feb 01 2010 - 03:03:34 ART
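
An added example, not part of either message: a small Python check that flags the fallback chain discussed in this thread (a `none` method, `local` with no usernames, `line` with no line password). It assumes `show running-config`-style text with indented sub-commands; the function name and finding strings are illustrative, and the sample input is the configuration from the question.

```python
import re

# Constructed sample input: the configuration quoted in the original question.
QUESTION_CONFIG = """\
aaa new-model
aaa authentication login ACS group tacacs+ local none
tacacs-server host 10.0.71.18 key Cisco
line vty 0 15
 login authentication ACS
 privilege level 15
"""

def audit_login_lists(config):
    """Return sorted findings for AAA login method lists with weak fallbacks."""
    lists, users, sections, current = {}, False, [], None
    for raw in config.splitlines():
        line = raw.strip()
        m = re.match(r"aaa authentication login (\S+) (.+)", line)
        if m:
            lists[m.group(1)] = m.group(2).split()  # list name -> ordered methods
        elif line.startswith("username "):
            users = True
        elif raw.startswith("line "):  # start of a vty/console/aux section
            current = {"name": line, "list": "default", "password": False, "priv": 1}
            sections.append(current)
        elif current is not None and raw.startswith(" "):
            if line.startswith("login authentication "):
                current["list"] = line.split()[2]
            elif line.startswith("password "):
                current["password"] = True
            elif line.startswith("privilege level "):
                current["priv"] = int(line.split()[2])
        elif not raw.startswith(" "):
            current = None  # any other top-level line ends the line section
    findings = set()
    for name, methods in lists.items():
        used_by = [s for s in sections if s["list"] == name]
        if "none" in methods:
            findings.add(f"{name}: method list includes 'none' (login without credentials)")
            for s in used_by:
                if s["priv"] == 15:
                    findings.add(f"{name}: '{s['name']}' grants privilege 15 on that path")
        if "local" in methods and not users:
            findings.add(f"{name}: 'local' listed but no username is configured")
        for s in used_by:
            if "line" in methods and not s["password"]:
                findings.add(f"{name}: 'line' listed but '{s['name']}' has no password")
    return sorted(findings)
```
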
