Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
453
Views
0
Helpful
1
Replies

Prime Infra AAA authentication sequence

MATS KARLSSON
Level 1
Level 1

‎03-03-2020 06:33 AM - edited ‎07-05-2021 11:48 AM

I know i can have a authentication for the users to Prime on an external Radius with fallback to local, if something fails.

That is how we have it today and ordinary users have OneTimePassword for login.

But I now want an API user account to be authenticated locally.

Is it in someway possible to have local authentication as first option and if that fails or no username exist have Radius as next,

to have Radius as a fallback to Local?

 

Today this API user account fails at radius login and get success on Local with the drawback it generates a lot of logs in Radius about failed logins. It works fine for the API user, but is not popular among those handling the radius.

 

Labels:
0 Helpful
1 Reply 1

superego
Level 1
Level 1

‎03-04-2020 07:51 AM

There's no option to fallback to RADIUS when Local is chosen:

 

aaa.JPG

Only when RADIUS is chosen then there's an open to fallback to Local.

 

To avoid RADIUS logs being flooded with failed attempts, can you create a service account in AD instead to be used for API?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card