I configured my WAAS devices to auth against the tacacs server but unfortunately it is not working. Here are the steps that I completed so far:
- created new account at tacacs server
- configured new user on CM (My WAN > Admin) and associated it with admin role
- configured TACACS server properties (WAE > Configure > Security > AAA > TACACS+) like security word and IP addresses under specific device
- configured auth methods (WAE > Configure > Security > AAA > Authentication Methods) to use TACACS as the primary one and local as the secondary under specific device
However when I telnet to the box I am not able auth with my login credentials. I checked the logs from WAE and found following:
%WAAS-UNKNOWN-1- 899999: ### pam_unix: _unix_verify_password check pass; user unknown
I would like to ask you how is this authentication done exactly. Am I authenticated against the TACACS only or also against CM when I telnet to the box? In other words, do I have to create new user on CM to be able to auth when accessing CLI? Am I authenticated against tacacs when accessing CM WEB GUI ?
In addition, are there any special requirements when creating new user on tacacs server please ?
Why do you need native HA: The native HA feature allows two Cisco DCNM
appliances to run as active and standby applications, with their
embedded databases synchronized in real time. Therefore, when the active
DCNM is not functioning, the standby DCNM will...
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...