Problem with enable on Cisco IOS using Secure ACS

Unanswered Question
Jul 22nd, 2010
User Badges:

I'm having an issue getting to enable mode using Cisco Secure ACS 4.2 for authentication using RADIUS (not TACACS+).  I've added a user to ACS who is able to log into the switch just fine and I added the $enab15$ user to get to enable mode.  The question I have is this, is there a way to set up a radius user to authenticate directly to without having to use the $enab15$ account?  I know I can make it work with TACACS+ but that is not an option in this case.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sbagavat Thu, 07/22/2010 - 12:44
User Badges:
  • Cisco Employee,

When configuring authentication for enable mode access using RADIUS,  only the password will be requested. The username is always sent in the following format $enab15$. There is no workaround for this. TACACS+ and local authentication would be the only alternatives.

Hope this helps.



This Discussion