Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS Banner (TACACS)

Is there anywhere in Cisco ACS (3.3) where I can set a central Banner message, or a custom login prompt?

I would like to know when I get a login prompt if it is going to authenticate via TACACS or using the local db.

5 REPLIES

Re: ACS Banner (TACACS)

aaa authentication fail-message ^C

aaa authentication password-prompt "Enter local password:"

aaa authentication username-prompt TACISDOWN

Regards,

~JG

Do rate helpful posts

New Member

Re: ACS Banner (TACACS)

Thanks JG.

I can see how that works for failures, but is there any way to set it on the ACS server for if TACACS is available?

Neil

Re: ACS Banner (TACACS)

Neil,

That you can set up on router itself by this command

=======================

aaa authentication fail-message ^

TACACS Password Incorrect^

When tacacs is available and you issue wrong password ---> It will prompt TACACS password Incorrect.

====================

aaa authentication username-prompt TACISDOWN

IF tacacs is down--->It will prompt tacacsdown.

You will use local password

======================

I don't think we can set it up on acs.

Regards,

~JG

New Member

Re: ACS Banner (TACACS)

Thanks again JG

An ACS solution would be neater, as I have 10,000+ devices to configure, but at least this will give the end result!

Neil

Silver

Re: ACS Banner (TACACS)

I did some googling on this and was horrified to not find anything. RADIUS has the Reply-Message attribute that can do exactly this.

I guess you could to use Cisco Works to push the prompt command out to every device?

1232
Views
0
Helpful
5
Replies