https://community.cisco.com/t5/network-security/firepower-local-auth/m-p/4480549#M1084213 <P>Hi <a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1027298">@ChristopherCraddock66504</a>&nbsp;</P> <P>Unfortunately you cannot configure the FMC like fallback on a switch or router. The documentation states "If the user is not present in the local database, the system queries an external LDAP or RADIUS authentication server".</P> <P><A href="https://www.cisco.com/c/en/us/td/docs/security/firepower/670/configuration/guide/fpmc-config-guide-v67/user_accounts_fmc.html?bookSearch=true#id_63531" target="_blank">https://www.cisco.com/c/en/us/td/docs/security/firepower/670/configuration/guide/fpmc-config-guide-v67/user_accounts_fmc.html?bookSearch=true#id_63531</A></P> <P>&nbsp;</P> <P>So the local admin user will always have access.</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 05 Oct 2021 19:45:57 GMT Rob Ingram 2021-10-05T19:45:57Z https://community.cisco.com/t5/network-security/firepower-local-auth/m-p/4480543#M1084212 <P>Community,</P><P>&nbsp;</P><P>I have configured my Firepower FTD's (2140s and 4140's) for Radius Auth and my FMC for LDAP authentication. However, I am noticing that I am still able to log in to these devices using the local admin account. Is this by design? Is there a way to force only the Radius/LDAP auth until the External Authentication method is no longer available, similar to a local fallback mechanism on a router or switch?</P><P>&nbsp;</P><P>Thank you.&nbsp;</P> Tue, 05 Oct 2021 19:32:01 GMT https://community.cisco.com/t5/network-security/firepower-local-auth/m-p/4480543#M1084212 ChristopherCraddock66504 2021-10-05T19:32:01Z https://community.cisco.com/t5/network-security/firepower-local-auth/m-p/4480549#M1084213 <P>Hi <a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1027298">@ChristopherCraddock66504</a>&nbsp;</P> <P>Unfortunately you cannot configure the FMC like fallback on a switch or router. The documentation states "If the user is not present in the local database, the system queries an external LDAP or RADIUS authentication server".</P> <P><A href="https://www.cisco.com/c/en/us/td/docs/security/firepower/670/configuration/guide/fpmc-config-guide-v67/user_accounts_fmc.html?bookSearch=true#id_63531" target="_blank">https://www.cisco.com/c/en/us/td/docs/security/firepower/670/configuration/guide/fpmc-config-guide-v67/user_accounts_fmc.html?bookSearch=true#id_63531</A></P> <P>&nbsp;</P> <P>So the local admin user will always have access.</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 05 Oct 2021 19:45:57 GMT https://community.cisco.com/t5/network-security/firepower-local-auth/m-p/4480549#M1084213 Rob Ingram 2021-10-05T19:45:57Z