Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

AAA on 6513

Guys,

The following configuration for authentication and authorization doesn't work on 6513 alone. But same configuration is working on 100+ CAT switches. I have verified that ACS server is reachable from 6513 and entry is available for 6513 on ACS server. Interestingly no entries for failures in logs (6513 / ACS)! Is something missing in the config?

aaa new-model

aaa group server tacacs+ name1

server ACSserver1

server ACSserver2

!

aaa authentication login default group name1 local

aaa authentication enable default group name1 enable

aaa authorization exec default group name1 if-authenticated

ip http authentication aaa

tacacs-server host ACSserver1

tacacs-server host ACSserver2

no tacacs-server directed-request

tacacs-server key xxxxx

Appreciate help,

-Satishcp

  • AAA Identity and NAC
1 REPLY
Cisco Employee

Re: AAA on 6513

Hi,

The aaa config looks good but is the Switch able to resolve the names ?

I guess we need aaa authentication and tacacs debugs to see whats going on.

Regards,

Vivek

116
Views
0
Helpful
1
Replies
This widget could not be displayed.