https://community.cisco.com/t5/network-access-control/local-authentication-fails/m-p/1897949#M170090 <HTML><HEAD></HEAD><BODY><P>Hi Aduado</P><P>thanks for the reply, I understand what you say, but even the AACS server is not responding this fails.</P><P>what we did, we took another switch and configure the same way as the failing device .</P><P>then we placed a firewall between the switch and the ACS server and block any request from the switch going to the </P><P>ACS server. we could see the firewall is dropping the request send via switch to the ACS and been dropped.</P><P>however the switch is not falling back to the local authentication</P><P>when we provide the local username/pass it just keeps on asking for username and password</P><P></P><P>the IOS is 12.2(33)SXI3 (s72033_rp-ADVIPSERVICESK9_WAN-VM), could not find any bugs relate to this issue.</P><P></P><P>thanks you for the support </P><P>Lancellot</P></BODY></HTML> Mon, 21 May 2012 10:04:19 GMT Lance Wendel 2012-05-21T10:04:19Z https://community.cisco.com/t5/network-access-control/local-authentication-fails/m-p/1897947#M170088 <P>Hi all,</P><P></P><P>I have strang situation, when you try to authenticate with the local username and password, switch keeps bouncing back for user name and password</P><P>though I have given the correct information</P><P></P><P>*****************************************************</P><P>aaa authentication login default group tacacs+ local</P><P>aaa authentication enable default group tacacs+ enable</P><P>aaa authorization exec default group tacacs+ none</P><P>aaa authorization exec no_tac none</P><P>aaa authorization commands 15 default group tacacs+ none</P><P>aaa accounting exec default start-stop group tacacs+</P><P>aaa accounting commands 1 default start-stop group tacacs+</P><P>aaa accounting commands 15 default start-stop group tacacs+</P><P>*************************************************************************</P><P></P><P>Based on the</P><P></P><P>aaa authentication login default group tacacs+ local</P><P></P><P>if you fails to authenticate with the ACS server, router/Switch will look for local authentication, correct.</P><P>I have created a user &amp; a password localy on the device. when try to enter the local username/pass switch keeps bouncing back for username and password.</P><P></P><P>kindly help please</P><P>thanks in advance</P><P>Lance</P> Mon, 11 Mar 2019 02:06:01 GMT https://community.cisco.com/t5/network-access-control/local-authentication-fails/m-p/1897947#M170088 Lance Wendel 2019-03-11T02:06:01Z https://community.cisco.com/t5/network-access-control/local-authentication-fails/m-p/1897948#M170089 <HTML><HEAD></HEAD><BODY><P> If you fail to authenticate with ACS server then ACS will tell the device to deny access to that particular user. The device won't look for local authentication.</P><P></P><P>The only way it will look for local authentication is if ACS is not responding at all.</P></BODY></HTML> Sat, 19 May 2012 06:15:40 GMT https://community.cisco.com/t5/network-access-control/local-authentication-fails/m-p/1897948#M170089 Eduardo Aliaga 2012-05-19T06:15:40Z https://community.cisco.com/t5/network-access-control/local-authentication-fails/m-p/1897949#M170090 <HTML><HEAD></HEAD><BODY><P>Hi Aduado</P><P>thanks for the reply, I understand what you say, but even the AACS server is not responding this fails.</P><P>what we did, we took another switch and configure the same way as the failing device .</P><P>then we placed a firewall between the switch and the ACS server and block any request from the switch going to the </P><P>ACS server. we could see the firewall is dropping the request send via switch to the ACS and been dropped.</P><P>however the switch is not falling back to the local authentication</P><P>when we provide the local username/pass it just keeps on asking for username and password</P><P></P><P>the IOS is 12.2(33)SXI3 (s72033_rp-ADVIPSERVICESK9_WAN-VM), could not find any bugs relate to this issue.</P><P></P><P>thanks you for the support </P><P>Lancellot</P></BODY></HTML> Mon, 21 May 2012 10:04:19 GMT https://community.cisco.com/t5/network-access-control/local-authentication-fails/m-p/1897949#M170090 Lance Wendel 2012-05-21T10:04:19Z