Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

How to configure local database as fallback method for authentication on PIX/ASA

Core issue

The configuration of the local user database as the fallback authentication method on PIX/ASA when primary authentication server goes down.

Resolution

In order to configure local database as fallback method for authentication use the LOCAL keyword in the aaa authentication command.

The keyword LOCAL has two uses. It can designate the use of the local database, or it can specify fallback to the local database if the designated authentication server is unavailable.

Refer to this example.  In this example, if TACACS+ server goes down, you are authenticated by the local database:

aaa authentication ssh console TACACS+ LOCAL

Note: Keyword LOCAL is case sensitive

This command can configure these options:

aaa authentication {serial | enable | telnet | ssh | http} console {server-tag [LOCAL] | LOCAL}

2626
Views
0
Helpful
0
Comments