Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
504
Views
0
Helpful
1
Replies

Cisco Radius Authentication using Windows 2012 NPS

Ivan Rivai
Level 1
Level 1

‎05-24-2018 07:52 PM - edited ‎02-21-2020 10:56 AM

Hello.

I'm curious about something. I'm going to apply radius authentication using windows NPS, due to the easiness of password policy. The authentication works perfectly, but i got something in mind.

I configured aaa authentication fallback to local at the cisco devices when the radius server is unreachable. But i have a policy that the users have to change the password every 3 months. So when the user expires, we can't ssh to the devices. How can we make it fallback to local authentication, when the radius is reachable? because what i understand is that the authentication will fallback to local only when the radius server is unreachable.

 

Thank you.

 

Regards,

Ivan

Labels:
0 Helpful
1 Reply 1

RichardAtkin
Level 3
Level 3

‎05-25-2018 01:20 AM

You can make it check the local DB first, then RADIUS second... but I think that's about as close as you can get to your use case.

 

Discussion about that approach here;

https://supportforums.cisco.com/t5/wan-routing-and-switching/auth-radius-fallback-to-local/td-p/2111292

 

0 Helpful
Customers Also Viewed These Support Documents