02-10-2014 03:50 AM - edited 03-10-2019 09:22 PM
Hi
One of my customer has configured the below commands in switches. I created a user for accessing LMS to archive configuration.The user account successfully logged in to the switch but enable password is not taking from ACS it is taking from local enable password. After I addedd this command "
aaa authorization exec default group tacacs+ " the switch was not asking fro enable password.
The customer have ACS 4.2 in that I configured ACS the Shell command enabled and privilage 15.
Please advise how to configur a user account in ACS only for LMS ?
aaa new-model
aaa authentication attempts login 5
aaa authentication login console none
aaa authentication login ssh group tacacs+ local
aaa accounting session-duration ntp-adjusted
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa session-id common
ip tacacs source-interface Vlanx
tacacs-server host 10.10.10.10 key 7 06098745612293E302426
tacacs-server timeout 60
tacacs-server directed-request
Thanks and Regards,
Abdul Hameed
Solved! Go to Solution.
02-11-2014 02:55 AM
02-11-2014 02:01 AM
wel authentication method is fine in the configuration you have set the option if ACS authentication fails then local account will be used for authentication try to share the log message that you receive that will help to touble shoot as chances are the ACS is not authenticating the user.
02-11-2014 02:18 AM
Salaam Kashif
I couldnt find any failed attempt or passed attempt against the user account in ACS. Where can I get the log?
After I put this command " aaa authentication enable default group tacacs+ enable"
Local user account and ACS users account not able to access the switch the error was " error authentication" but when I run a test command the authentication was successfull.
02-11-2014 02:55 AM
kindly check the link
02-11-2014 04:13 AM
Salaam Kashif
It is working I found the commands in that page which you were given.
Thanks lot
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide