Buy or Renew
Buy or Renew
Join the Catalyst Center Onboarding Ask Me Anything event happening now!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1262
Views
0
Helpful
0
Replies

Configure cisco IOS 16.9.2 and 15.2(4)E6 for ISE two factor authentication

Eric R. Jones
Level 4
Level 4

‎12-10-2018 02:16 PM

Hello, I'm configuring Two Factor Authentication via ISE 2.4 for our network devices.

On a 3850 using 16.9.2 I have changed part of the AAA configuration by removing:

no aaa authorization commands 0 default group tacacs+ local if-authenticated
no aaa authorization commands 1 default group tacacs+ local if-authenticated
no aaa authorization commands 15 default group tacacs+ local if-authenticated

 

and adding:


aaa authentication login default local
aaa authentication enable default enable

 

I've done this so that the switch won't seek out the current ACS server that is managing access.

When I test login using Government CAC using SecureCRT it fails.

When I test ISE's ability to see that same name in the attached Active Directory  repository it's found and successful.

Has anyone been successful with the edge switch configuration portion using Government issued CACs?

ej

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card