https://community.cisco.com/t5/network-access-control/vpnc-3005-version-4-7-2-and-acs-4-1-authentication-question/m-p/828937#M386765 <HTML><HEAD></HEAD><BODY><P>David</P><P></P><P>I have looked for a way in the VPN concentrator to authenticate with ACS and to have a fall back to local if ACS was not available. While the implementation of authenticate with ACS and fall back to local when ACS is not available is common in IOS I have not found a way to do it with the VPN concentrator. I do not believe that this capability exists in the VPN concentrator.</P><P></P><P>HTH</P><P></P><P>Rick</P></BODY></HTML> Tue, 15 Jan 2008 16:35:41 GMT Richard Burts 2008-01-15T16:35:41Z https://community.cisco.com/t5/network-access-control/vpnc-3005-version-4-7-2-and-acs-4-1-authentication-question/m-p/828935#M386763 <P>I want to use ACS for managing the VPN</P><P>concentrator 3005. Right now I can </P><P><A class="jive-link-custom" href="https://VPNc_ip_address" target="_blank">https://VPNc_ip_address</A> into the concentrator using accounts I created on</P><P>the ACS. I want to configure the vpn3k</P><P>to fall back to local authentication if</P><P>the ACS become unreachable. Is it </P><P>possible?</P><P></P><P>2nd part of the question is that the</P><P>VPNc console does not accept ACS </P><P>accounts? It only takes "admin" account.</P><P>How do I go about doing the same thing</P><P>when logging into the console port of </P><P>the VPNc and force it to take AAA account? If AAA server is not available,</P><P>it will fall back to "admin" account.</P><P></P><P>Is it possible?</P><P></P><P></P> Sun, 10 Mar 2019 22:35:58 GMT https://community.cisco.com/t5/network-access-control/vpnc-3005-version-4-7-2-and-acs-4-1-authentication-question/m-p/828935#M386763 cisco24x7 2019-03-10T22:35:58Z https://community.cisco.com/t5/network-access-control/vpnc-3005-version-4-7-2-and-acs-4-1-authentication-question/m-p/828936#M386764 <HTML><HEAD></HEAD><BODY><P>I am going to modify the 2n part of the question a little bit. Right now the vpnc</P><P>console takes botht the AAA accounts and</P><P>the "admin" account. I want the vpnc NOT</P><P>to use the "admin" when AAA is available. </P><P>Only use the "admin" account when AAA becomes</P><P>unavailable.</P></BODY></HTML> Sat, 12 Jan 2008 13:59:45 GMT https://community.cisco.com/t5/network-access-control/vpnc-3005-version-4-7-2-and-acs-4-1-authentication-question/m-p/828936#M386764 cisco24x7 2008-01-12T13:59:45Z https://community.cisco.com/t5/network-access-control/vpnc-3005-version-4-7-2-and-acs-4-1-authentication-question/m-p/828937#M386765 <HTML><HEAD></HEAD><BODY><P>David</P><P></P><P>I have looked for a way in the VPN concentrator to authenticate with ACS and to have a fall back to local if ACS was not available. While the implementation of authenticate with ACS and fall back to local when ACS is not available is common in IOS I have not found a way to do it with the VPN concentrator. I do not believe that this capability exists in the VPN concentrator.</P><P></P><P>HTH</P><P></P><P>Rick</P></BODY></HTML> Tue, 15 Jan 2008 16:35:41 GMT https://community.cisco.com/t5/network-access-control/vpnc-3005-version-4-7-2-and-acs-4-1-authentication-question/m-p/828937#M386765 Richard Burts 2008-01-15T16:35:41Z https://community.cisco.com/t5/network-access-control/vpnc-3005-version-4-7-2-and-acs-4-1-authentication-question/m-p/828938#M386766 <HTML><HEAD></HEAD><BODY><P>Rick,</P><P></P><P>Basically, I am screwed if the ACS becomes </P><P>unavailable. </P><P></P><P>What about console authentication? currently,</P><P>I can log into the VPN3k with both the "admin"</P><P>and accounts on the ACS server even when</P><P>the ACS is available? Is it another bug in </P><P>the vpn3k?</P><P></P><P>CCIE security</P><P></P></BODY></HTML> Tue, 15 Jan 2008 17:09:58 GMT https://community.cisco.com/t5/network-access-control/vpnc-3005-version-4-7-2-and-acs-4-1-authentication-question/m-p/828938#M386766 cisco24x7 2008-01-15T17:09:58Z