Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
15329
Views
77
Helpful
4
Replies

Unable to configure local AAA authentication

somnath21
Level 1
Level 1

‎10-27-2008 06:20 AM - edited ‎03-11-2019 07:03 AM

Hi,

In my Cisco ASA 55220 , I am unable to configure AAA.ASA is configured in transparent mode.

Please find the error msg..

ASA-MPLS(config)# aaa authentication enable console loCAL

ERROR: aaa-server group loCAL does not exist

Usage: [no] aaa mac-exempt match <mac-list-id>

[no] aaa authentication secure-http-client

[no] aaa authentication listener http|https <if_name> [port <port>] [redirect]

[no] aaa authentication|authorization|accounting include|exclude <svc>

<if_name> <l_ip> <l_mask> [<f_ip> <f_mask>] <server_tag>

[no] aaa authentication serial|telnet|ssh|http|enable console

<server_tag> [LOCAL]

[no] aaa accounting telnet|ssh|serial|enable console <server_tag>

[no] aaa authentication|authorization|accounting match

<access_list_name> <if_name> <server_tag>

[no] aaa authorization command {LOCAL | <tacacs_server_tag> [LOCAL]}

[no] aaa accounting command {privilege <level>} <tacacs_server_tag>

[no] aaa proxy-limit <proxy limit> | disable

[no] aaa local authentication attempts max-fail <fail-attempts>

clear configure aaa

clear aaa local user {fail-attempts|lockout} {all | username <uname>}}

show running-config [all] aaa [authentication|authorization|accounting

|max-exempt|proxy-limit]

show aaa local user [lockout]

ASA-MPLS(config)#

Please guide to resolve this issue..

Regards,

som

3 people had this problem
Labels:
0 Helpful
4 Replies 4

Premdeep Banga
Level 7
Level 7

‎10-27-2008 06:24 AM

Use "LOCAL" not "loCAL"

Regards,

Prem

Please rate if it helps!

elizer man-on
Level 1
Level 1
In response to Premdeep Banga

‎02-11-2015 05:13 AM

This old post help my two days without sleeping in the night problem.

thank  you Premdeep.

 

Regards,

Rex

0 Helpful

kurich
Level 1
Level 1
In response to Premdeep Banga

‎11-03-2021 07:32 AM

Thanks , Its work 

0 Helpful

meahmedhassan
Level 1
Level 1

‎11-16-2016 04:27 AM

if you use the "local" key in small letters the ASA would consider it as a different aaa server over its default of "LOCAL" with capital letters, same concept for any other aaa server different than the default existent one.

 

Please try again by using the command with "LOCAL" key in capital letter. because the local server name is a case sensitive

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card