Probowalem wylaczyc / zablokowac IP switcha bezposrednio na tacacs+ zeby sie zalogowal loklanym 'no_tacacs+' kontem ale wywala ten sam error.
Restart nie wchodzi w gre bo na koncu skryptu bylo 'wr' :/
Oto obecne ustawienia aaa. GLS-TACAS to jest stary serwer, tacacs+ nowy.
Kod: Zaznacz cały
username no_tacacs+ privilege 15 secret 5 $1$qvkl$EKuX4NikRwv/bss1/NKh2/
aaa new-model
!
!
aaa group server tacacs+ GLS-TACACS
server-private 10.0.89.130 timeout 3 key 7 075C066F1A2414572E2653015C020E710A
ip tacacs source-interface Vlan10
!
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization exec default group tacacs+ local
aaa authorization commands 1 default group GLS-TACACS local
aaa authorization commands 15 default group GLS-TACACS local
aaa accounting commands 1 default start-stop group GLS-TACACS
aaa accounting commands 15 default start-stop group tacacs+