I have a question about N7K, could I just configure the tacacs+ for login instead of set up the whole aaa such as aaa group server tacacs+ XXX ?
For further, why can't I add local in the rear of setting aaa authentication login default?
1.cn7k(config)# aaa authentication login default group RADIUSSERVERS ?
WORD Server group name (Max Size 127)
none No authentication
Only none is optional.
I noticed that as well and from what I read off the cisco white papers, when working with the Nexus 5k's, the default is that if no communication with the tacacs+/radius servers exist then the Nexus devices will automatically revert back to local. Unlike IOS that requires the local command.