AAA authentication banner

Unanswered Question
Dec 3rd, 2008
User Badges:

I configured my 3750 switches to use the "aaa authentication banner" command and I setup a custom banner. If the ACS server is online I don't see this custom banner. If I disconnect the Cisco ACS server from the network forcing local authentication, the banner is displayed. The "aaa authentication fail-message" works perfectly all the time. Why is the aaa authentication banner not being displayed?


Thanks for the help.


Joe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
cisco24x7 Wed, 12/03/2008 - 07:49
User Badges:
  • Silver, 250 points or more

Look like your platform does not support aaa

authentication banner:


The following platforms support login banners for AAA authentication:


•Cisco 1003, Cisco 1004, Cisco 1005


•Cisco 2500 series


•Cisco 3000/IGS


•Cisco 4000 series (Cisco 4000, 4000-M, 4500, 4500-M, 4700, 4700-M)


•Cisco AS5200 series


•Cisco AS5300


•Cisco 7000 series


•Cisco 7200 series


•Cisco 7500 series


That being said, it is not working on the

Cisco VXR7204 either.

prekojo Wed, 12/03/2008 - 08:16
User Badges:

Thanks for the information. Could you please tell me where you found this information?


Thanks


Joe

andrew.burns Thu, 12/04/2008 - 00:32
User Badges:
  • Gold, 750 points or more

Hi,


That link is out of date as it refers to IOS version 11.3 - the feature really is supported (which can be checked using the feature navigator).


The original question refers to the feature not working as expected - not whether it's supported or not. If we check the command reference we can see a note as follows:


The AAA authentication banner message is not displayed if TACACS+ is the first method in the method list.


I suspect this might be why it isn't working as expected. If so, a message of the day banner might be a better solution. (Using the banner motd command.)


HTH

Andrew.


prekojo Thu, 12/04/2008 - 09:42
User Badges:

Thanks for the info. I am glad I finally understand why this is not working that way I thought it would.



Actions

This Discussion