07-03-2016 12:44 AM - edited 03-01-2019 04:59 AM
I had successfully integrated Cisco ACI 1.3 with Cisco ACS server. I am able to login to Cisco ACI GUI using AAA username & password.
But when I am directly doing SSH to any leaf node then I am not able to login using AAA username password. I am able to login using local username password only.
I think I need to use some specific format for username when login to any node directly which will specify authentication realm.
Any body came across this kind of situation ?
Solved! Go to Solution.
07-13-2016 01:35 PM
I had this issue, and TAC helped me out. 2 things...
1. you have to authenticate with the following format
login as: apic#(AAA domain name)\\(AAA username)
apic# is NOT a variable, you have to type apic# ---> this caused some confusion on my part
2. you have to enable your AAA server to pass the same AvPair value for all devices, not just the APIC.
we run 1.3(2f)
07-13-2016 01:35 PM
I had this issue, and TAC helped me out. 2 things...
1. you have to authenticate with the following format
login as: apic#(AAA domain name)\\(AAA username)
apic# is NOT a variable, you have to type apic# ---> this caused some confusion on my part
2. you have to enable your AAA server to pass the same AvPair value for all devices, not just the APIC.
we run 1.3(2f)
05-22-2018 11:22 AM
For the records the domain, its the domain configured in APIC, like the example in screenshot.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide