What is the consequence of configuring the system authentication order with TACACS+ if the server is not available?

When the system authentication order includes TACACS+ and the server is unavailable, the configured behavior is to fall back to the local authentication database. This fallback mechanism is essential for ensuring that device access remains possible even when the primary authentication method (TACACS+) is not reachable.

In many network environments, relying solely on a remote authentication method can pose risks, especially if that server experiences downtime. By allowing the device to revert to using the local database, users with valid credentials in the local store can still access the device, maintaining operational continuity.

This design provides a safeguard for network devices, ensuring that administrators and users with local access privileges are not entirely locked out due to external server issues. Thus, the configuration of the authentication order is crucial in maintaining accessibility and control over network devices during server outages.