One of my customer has configured the below commands in switches. I created a user for accessing LMS to archive configuration.The user account successfully logged in to the switch but enable password is not taking from ACS it is taking from local enable password. After I addedd this command "
aaa authorization exec default group tacacs+ " the switch was not asking fro enable password.
The customer have ACS 4.2 in that I configured ACS the Shell command enabled and privilage 15.
Please advise how to configur a user account in ACS only for LMS ?
aaa authentication attempts login 5
aaa authentication login console none
aaa authentication login ssh group tacacs+ local
aaa accounting session-duration ntp-adjusted
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
wel authentication method is fine in the configuration you have set the option if ACS authentication fails then local account will be used for authentication try to share the log message that you receive that will help to touble shoot as chances are the ACS is not authenticating the user.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :