Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
279
Views
0
Helpful
1
Replies

Auth-proxy fallback.

glenn.costa
Level 1
Level 1

‎10-01-2004 03:29 AM - edited ‎03-09-2019 08:57 AM

Is it possible to have a fallback for auth-proxy, such that when the ACS server is not contactable, the router authenticates the user by default and modifies the acl applied on the interface to allow the users traffic ?

AAA commands support a fallback with the following command, "aaa authentication login default group TACACS+ none" If I put the "none" and if the TACACS is not available it will directly allow the user access. Can this also be done with auth-proxy, if so can we also have the ACL changed dynamically on the router to allow traffic through if ACS is down ?

Labels:
0 Helpful
1 Reply 1

jsivulka
Level 5
Level 5

‎10-07-2004 05:44 AM

You could refer to the chapter on 'Authentication Proxy' in the configuration guide at http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/scfauthp.htm. See if you are able to find something useful.

0 Helpful
Customers Also Viewed These Support Documents