we have software basec cisco ACS 4.1 and we have integrated with ADS server, here the problem is for telnet ssh domain credentials are working but where as for console it is not working it is not even taking the local login credetilas (If local logins username is same as Domain username then we are able to login to switch using local password).
I observed below log is creating when i try to login through console. (failed attempts log)
Did you try logging to console using the same username/password the one you tried for telnet/ssh?
Also help me with the following outputs:
sh run | in user
sh run | in aaa
debug aaa common 255
Latest hits from the ACS > failed attempts (Just wanted to double check that we are getting the same hit).
As you said if the local user name is created same as domain user name then it works. This indicates that even you try with local username password, the request is going to radius server proxied to external DB.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...