×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.
dcayer Thu, 03/20/2003 - 06:37
User Badges:

With WebNS version 5.03, we use TACACS (not RADIUS) for login authentication (command authorization is disabled), and this provides us with superuser (#) access.


Unfortunately, even if the TACACS server denies access to the user, the CSS automatically reverts to local authentication, allowing anyone who knows the local superuser name & password to login in.


virtual authentication primary tacacs

virtual authentication secondary local

console authentication primary tacacs

console authentication secondary local

tacacs-server timeout 10

tacacs-server [ key ]

tacacs-server account config

tacacs-server [ IP ] 49


Actions

This Discussion