02-03-2009 07:12 AM - edited 03-10-2019 04:19 PM
Is there anywhere in Cisco ACS (3.3) where I can set a central Banner message, or a custom login prompt?
I would like to know when I get a login prompt if it is going to authenticate via TACACS or using the local db.
02-03-2009 10:59 AM
aaa authentication fail-message ^C
aaa authentication password-prompt "Enter local password:"
aaa authentication username-prompt TACISDOWN
Regards,
~JG
Do rate helpful posts
02-03-2009 11:24 AM
Thanks JG.
I can see how that works for failures, but is there any way to set it on the ACS server for if TACACS is available?
Neil
02-03-2009 11:48 AM
Neil,
That you can set up on router itself by this command
=======================
aaa authentication fail-message ^
TACACS Password Incorrect^
When tacacs is available and you issue wrong password ---> It will prompt TACACS password Incorrect.
====================
aaa authentication username-prompt TACISDOWN
IF tacacs is down--->It will prompt tacacsdown.
You will use local password
======================
I don't think we can set it up on acs.
Regards,
~JG
02-03-2009 12:03 PM
Thanks again JG
An ACS solution would be neater, as I have 10,000+ devices to configure, but at least this will give the end result!
Neil
02-04-2009 12:47 AM
I did some googling on this and was horrified to not find anything. RADIUS has the Reply-Message attribute that can do exactly this.
I guess you could to use Cisco Works to push the prompt command out to every device?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide