Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

removing ACS from authenticating to allow local account

i currently have ACS enabled but, would like to test local account. i wanted to verify that removing aaa authentication ssh console TACACS+ LOCAL would allow me to login with the local account.  i was not sure if i should remove the ACS box instead from the running config.  please advise on best practice.                  

  • Firewalling
Everyone's tags (2)
2 ACCEPTED SOLUTIONS

Accepted Solutions

removing ACS from authenticating to allow local account

Hello Jason,

You do not need to remove it from the configuration, the whole purpose of have both of them is to failover that particular scenario ( where the ACS goes down as an example)

Regards,

Julio

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com

removing ACS from authenticating to allow local account

Hi Jason,

Just remove the TACACS server host in the config

no tacacs-server host 10.18.220.45 (example) from the device. So that automatically it will take the local login when no tacacs server defined.

Please do rate if the given information helps.

By

Karthik

3 REPLIES

removing ACS from authenticating to allow local account

Hello Jason,

You do not need to remove it from the configuration, the whole purpose of have both of them is to failover that particular scenario ( where the ACS goes down as an example)

Regards,

Julio

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com

removing ACS from authenticating to allow local account

Hi Jason,

Just remove the TACACS server host in the config

no tacacs-server host 10.18.220.45 (example) from the device. So that automatically it will take the local login when no tacacs server defined.

Please do rate if the given information helps.

By

Karthik

New Member

removing ACS from authenticating to allow local account

thanks everyone.

269
Views
0
Helpful
3
Replies