03-16-2018 01:41 AM - edited 02-21-2020 10:49 AM
Hi Cisco,
We have acs 5.4 and currently under default network access identity is set to our AD because we use it for our wireless. Is it possible to set default device admin identity to internal users without affecting the setting on default network access identity? please advise? I want to integrate our other switch on our acs but we dnt want to touch anything on the default network access identity so I want it to be on default network admin identity.
03-16-2018 02:34 AM
03-16-2018 02:47 AM
Hi Mohammad, thank let me try and let you know.
One more thing i run the below aaa commen on our cisco switch and after that we cannot reach the privilege mode anymore.Can help me check also if i miss something.thanks!
aaa new-model
tacacs-server host 172.16.12.120
tacacs-server key KuokCisco
ip tacacs source-interface vlan1
aaa authentication login default group tacacs+ line
aaa authentication login no_tacacs none
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ local
aaa authorization commands 0 default group tacacs+ local
aaa authorization commands 1 default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
aaa accounting exec default start-stop group tacacs+
03-16-2018 03:18 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide