PIX authentication using Tacacs ( ACS)

amashau
Level 1

I have configured my PIX to authenticate using TACACS first; if TACACS is not available it must fall back to LOCAL authentication. The TACACS authentication works fine, and when I take the ACS out of the network, the local authentication works as well. The problem is that when the ACS comes back online, the PIX does not want to authenticate to TACACS anymore, and it only accepts the LOCAL username and password. If I reboot the PIX, the TACACS username and password work again. Can someone help me with this problem? I don't want to reboot my PIX now and then. Please find my configuration for the PIX below.

aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server TACACS+ (inside) host 1.1.1.1 xxxxx timeout 10
aaa-server LOCAL protocol local
aaa authentication telnet console TACACS+ LOCAL
aaa authentication enable console TACACS+ LOCAL
username xxxxx password xxxxxx encrypted privilege 15

1 Reply 1

vasthorvak
Level 1

Set the deadtime to "0"; this way it will always check with the TACACS server before falling back to the local user database. Hope this helps.