<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.3268" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=935303416-04042008><FONT face=Arial size=2>I've searched the
archives, but I can't seem to find a solution to my problem.</FONT></SPAN></DIV>
<DIV><SPAN class=935303416-04042008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=935303416-04042008><FONT face=Arial size=2>I have my devices
configured with TACACS and have created a "rancid" account on the server.
When everything is properly configured and functional, RANCID works
great.</FONT></SPAN></DIV>
<DIV><SPAN class=935303416-04042008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=935303416-04042008><FONT face=Arial size=2>However, because I
work in a dynamic environment, at times there is a failure (either server or
change of remote config) that causes the TACACS authentication to fail. In
this case, I've configured my AAA authentication line in the remote device to
default to enable authentication:</FONT></SPAN></DIV>
<DIV><SPAN class=935303416-04042008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=935303416-04042008><FONT face=Arial size=2>aaa authentication
login default group tacacs+ enable</FONT></SPAN></DIV>
<DIV><SPAN class=935303416-04042008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=935303416-04042008><FONT face=Arial size=2>During these
situations, RANCID obviously fails. The enable is not the same as the
TACACS username that RANCID is trying to use. </FONT></SPAN></DIV>
<DIV><SPAN class=935303416-04042008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=935303416-04042008><FONT face=Arial size=2>Is there a way to
create a "backup" or "secondary" password that RANCID can try if the first
attempt to reach a device fails? Or, perhaps, better, a way for RANCID to
recognize that it's not being prompted for a "Username" since AAA isn't working
(it gets prompted for "Password:") and to simply enter the enable
password? In this situation, I don't want RANCID to use it's username
password, but the enable password.</FONT></SPAN></DIV>
<DIV><SPAN class=935303416-04042008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=935303416-04042008><FONT face=Arial size=2>I've got to be
missing something here.</FONT></SPAN></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV></BODY></HTML>