AAA Server not Reachable and Command Output Takes Looooong!!!
Hello fellow networkers!!!
I'd like your input in the following situation I am experiencing. When testing authentication failover (AAA fails, local authentication is used), there seems to be a crazy delay in seeing command output. Here's the configuration:
SW1#sh run | i username|aaa|tacacs
username Admin-15 privilege 15 secret 5 **********
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization config-commands
aaa authorization exec default group tacacs+ local
aaa authorization commands 1 default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ if-authenticated
aaa session-id common
tacacs-server host 192.168.1.200 key *******
The server is disconnected from the network, so it is no longer reachable. In this case, I am able to login with the local user Admin-15 but:
SW1#sh ip int b | ex unas
Interface IP-Address OK? Method Status Protocol
Vlan50 184.108.40.206 YES NVRAM up up
The below command took about 20 seconds before displaying its output. There is not login delay command, plus I am already logged in but I cannot understand why local authentication causes such a long delay in command output display.
Thanks in advance