Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Unable to configure local AAA authentication

Hi,

In my Cisco ASA 55220 , I am unable to configure AAA.ASA is configured in transparent mode.

Please find the error msg..

ASA-MPLS(config)# aaa authentication enable console loCAL

ERROR: aaa-server group loCAL does not exist

Usage: [no] aaa mac-exempt match <mac-list-id>

[no] aaa authentication secure-http-client

[no] aaa authentication listener http|https <if_name> [port <port>] [redirect]

[no] aaa authentication|authorization|accounting include|exclude <svc>

<if_name> <l_ip> <l_mask> [<f_ip> <f_mask>] <server_tag>

[no] aaa authentication serial|telnet|ssh|http|enable console

<server_tag> [LOCAL]

[no] aaa accounting telnet|ssh|serial|enable console <server_tag>

[no] aaa authentication|authorization|accounting match

<access_list_name> <if_name> <server_tag>

[no] aaa authorization command {LOCAL | <tacacs_server_tag> [LOCAL]}

[no] aaa accounting command {privilege <level>} <tacacs_server_tag>

[no] aaa proxy-limit <proxy limit> | disable

[no] aaa local authentication attempts max-fail <fail-attempts>

clear configure aaa

clear aaa local user {fail-attempts|lockout} {all | username <uname>}}

show running-config [all] aaa [authentication|authorization|accounting

|max-exempt|proxy-limit]

show aaa local user [lockout]

ASA-MPLS(config)#

Please guide to resolve this issue..

Regards,

som

3 REPLIES

Re: Unable to configure local AAA authentication

Use "LOCAL" not "loCAL"

Regards,

Prem

Please rate if it helps!

New Member

This old post help my two

This old post help my two days without sleeping in the night problem.

thank  you Premdeep.

 

Regards,

Rex

New Member

if you use the "local" key in

if you use the "local" key in small letters the ASA would consider it as a different aaa server over its default of "LOCAL" with capital letters, same concept for any other aaa server different than the default existent one.

 

Please try again by using the command with "LOCAL" key in capital letter. because the local server name is a case sensitive

5979
Views
46
Helpful
3
Replies