10-22-2004 09:15 AM
i have all of my aaa acs config working and I am getting my logfiles on the ACS. When I log into a device I see that I logged in on the ACS. However it still uses the local enable password on the device instead of the login password stored on the ACS.
10-31-2004 12:52 AM
Make sure of the following:
1) add the user on the ACS database.
2) set up a ciscosecure PAP password and confirm it.
3) for enable pw, use the option " use seperate password" and enter/confirm the new password. This will be the enable password for the user.
configure aaa as below:
aaa authentication login vty group tacacs+ enable
line vty 0 4
login authentication vty
do let us know if this works !!
11-01-2004 09:16 AM
What kind of devices are you talking about, Catalyst switches, IOS routers, or what?
Do you have aaa authentication enable configured as well as aaa authentication login? (or the equivalent for catalyst switches)?
It might be helpful if you would post the aaa part of the device configuration.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide