Configure Login Authentication Mode

Before you begin

Only admin users can perform this procedure.
The TACACS+ host must be configured on the 9920 device.

About this task

Perform this procedure to configure TACACS+ as the primary source of authentication and the local-auth-fallback as the secondary source. For additional information, see TACACS+ Configuration.

Procedure

Enter the Config mode.
```
device(config)# 
```
Configure the login authentication mode.
```
device# configure terminal
device(config)# aaa authentication login tacacs+ local-auth-fallback
device(config)# aaa accounting all default start-stop tacacs+
device(config)# tacacs-server host 1.2.3.4
device(config-tacacs-config)# plain-key testing123
```
For more information on the aaa authentication command, see Extreme 9920 Software Command Reference, 21.2.1.0 .

Authentication is attempted first with the TACACS+ server. If that fails, authentication is attempted with the local database.

View the configuration.

device(config-tacacs-config)# do show run
username testuser2 role user password $6$salt$cevuzTZ/QBjzuZG0/ebEeedmcTnhyM8ITUu8K032Cp2XvIibq7voqYagm18bwpLBqrg/l/l6YxTmKKibJz5r10
tacacs-server host 1.2.3.4
  encrypted-key QjQkJLQUF3ncI1ooQCOaoEsBn5epVI3GsQwFD6i_BW
aaa authentication login tacacs+ local-auth-fallback
aaa accounting commands default start-stop tacacs+
interface ethernet 1/2
  shutdown
interface ethernet 2/2
  shutdown

Log into the device using an account with TACACS+-only credentials to verify if the login authentication mode is configured.