Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1166
Views
0
Helpful
0
Replies

Configure cisco IOS 16.9.2 and 15.2(4)E6 for ISE two factor authentication

Eric R. Jones
Level 4
Level 4

‎12-10-2018 02:16 PM

Hello, I'm configuring Two Factor Authentication via ISE 2.4 for our network devices.

On a 3850 using 16.9.2 I have changed part of the AAA configuration by removing:

no aaa authorization commands 0 default group tacacs+ local if-authenticated
no aaa authorization commands 1 default group tacacs+ local if-authenticated
no aaa authorization commands 15 default group tacacs+ local if-authenticated

 

and adding:


aaa authentication login default local
aaa authentication enable default enable

 

I've done this so that the switch won't seek out the current ACS server that is managing access.

When I test login using Government CAC using SecureCRT it fails.

When I test ISE's ability to see that same name in the attached Active Directory  repository it's found and successful.

Has anyone been successful with the edge switch configuration portion using Government issued CACs?

ej

 

Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents