
ACS request splitting in router

vishaw jasrotia
Level 1

Hi,

I have one requirement.  

We have multiple routers and firewalls in our network. All of these are managed through ACS for AAA purposes. At the same time, we have tools like PI, DCNM and more for managing these components. All these NMS tools are polling the routers and firewalls to fetch data at periodic intervals.

Now the problem is that the requests from these tools are captured in ACS, and my ACS database fills up very fast and I am unable to find actual user logs in it. Is there any way to configure some parameters on the router/firewall to direct requests from NMS tools to the local database and from users to ACS by looking at the source address?

In short, for router access I want some of my hosts to be authenticated through ACS and some by the local database.

Thanks in advance. 

1 Reply

nspasov
Cisco Employee

You can always list the local database first and then RADIUS/TACACS+. That way, the local database will be checked first and if the user is not found then the next database (ACS) will be queried. 

If that is not an option, then you can try using rotary groups:

https://supportforums.cisco.com/discussion/11721671/how-change-ports-access

I hope this helps!

Thank you for rating helpful posts!
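
The rotary-group approach from the reply, sketched as an added IOS configuration example (not part of the original thread or the linked post). It assumes TACACS+ servers are already defined, that the NMS tools log in over SSH and can be pointed at an alternate port, and that all names, addresses and the secret are constructed placeholders.

```cisco
! Constructed example: list names, ACL name, addresses and port are placeholders
aaa new-model
!
! Local account used only by the NMS pollers
username nms-poller privilege 1 secret <PLACEHOLDER-SECRET>
!
! Interactive users: ACS (TACACS+) first, local only if ACS is unreachable
aaa authentication login USERS group tacacs+ local
aaa authorization exec USERS group tacacs+ local
!
! NMS pollers: local database only, so no request is sent to ACS
aaa authentication login NMS local
aaa authorization exec NMS local
!
! Source addresses of the NMS servers (documentation range)
ip access-list standard NMS-HOSTS
 permit 192.0.2.10
 permit 192.0.2.11
!
! SSH connections to port 2001 are handed to the lines in rotary group 1
ip ssh port 2001 rotary 1
!
! Lines for human administrators on the normal SSH port
line vty 0 4
 login authentication USERS
 authorization exec USERS
 transport input ssh
!
! Lines reserved for the NMS tools, reachable only from NMS-HOSTS
line vty 5 9
 rotary 1
 access-class NMS-HOSTS in
 login authentication NMS
 authorization exec NMS
 transport input ssh
```

The NMS tools then connect to port 2001 with the local account, while administrators keep using port 22 and ACS. Any accounting method list applied to the NMS lines still decides whether session records reach ACS, so review it alongside the authentication lists.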