02-03-2009 07:12 AM - edited 03-10-2019 04:19 PM
Is there anywhere in Cisco ACS (3.3) where I can set a central Banner message, or a custom login prompt?
I would like to know when I get a login prompt if it is going to authenticate via TACACS or using the local db.
02-03-2009 10:59 AM
aaa authentication fail-message ^C
aaa authentication password-prompt "Enter local password:"
aaa authentication username-prompt TACISDOWN
Regards,
~JG
Do rate helpful posts
02-03-2009 11:24 AM
Thanks JG.
I can see how that works for failures, but is there any way to set it on the ACS server for if TACACS is available?
Neil
02-03-2009 11:48 AM
Neil,
That you can set up on router itself by this command
=======================
aaa authentication fail-message ^
TACACS Password Incorrect^
When tacacs is available and you issue wrong password ---> It will prompt TACACS password Incorrect.
====================
aaa authentication username-prompt TACISDOWN
IF tacacs is down--->It will prompt tacacsdown.
You will use local password
======================
I don't think we can set it up on acs.
Regards,
~JG
02-03-2009 12:03 PM
Thanks again JG
An ACS solution would be neater, as I have 10,000+ devices to configure, but at least this will give the end result!
Neil
02-04-2009 12:47 AM
I did some googling on this and was horrified to not find anything. RADIUS has the Reply-Message attribute that can do exactly this.
I guess you could to use Cisco Works to push the prompt command out to every device?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: