Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
When logging into the WebUI using tacacs+ authentication for a c9300 switch version 17.3.04 - I don't get any of the configuration links. Only the Dashboard and Monitoring.I want to be able to give my tech-support team the ability to login to the sw...
I can confirm that the p12 or adding the legacy format works with the wildcard certs. I used this procedure for our situation.Be sure the star cert is issued without any special characters in the passphrase.Prepare the certificate for the CUBEs.Conc...
I figured out what was going on. Go to Work Centers >> Device Administration >> External Identity Sources.Look at the name that you gave your Active Directory and enter that into the field.If you are logging in via Internal, I'm guessing it will try...
After working with TAC on this, the solution was to define authorization levels on Authorization Server.In my case, ISE was using the default Shell Profile which pretty much had no privilege level set and therefore, I could not perform any exec comma...
Same result.Thank you for expressing interest in this by the way. I'm surprised it hasn't come up before. At least I haven't run across anyone talking about it via a web search.
Update:aaa new-model
!
!
aaa group server tacacs+ pom-ise
server name pom-ise01
server name pom-ise02
!
aaa authentication login default group pom-ise local
aaa authentication login console local
aaa authentication webauth default group pom-ise loc...
