Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
4503
Views
0
Helpful
0
Comments

How to configure local database as fallback method for authentication on PIX/ASA

TCC_2
Level 10
Level 10

‎06-18-2009 04:04 PM - edited ‎03-08-2019 06:07 PM

Core issue

The configuration of the local user database as the fallback authentication method on PIX/ASA when primary authentication server goes down.

Resolution

In order to configure local database as fallback method for authentication use the LOCAL keyword in the aaa authentication command.

The keyword LOCAL has two uses. It can designate the use of the local database, or it can specify fallback to the local database if the designated authentication server is unavailable.

Refer to this example.  In this example, if TACACS+ server goes down, you are authenticated by the local database:

aaa authentication ssh console TACACS+ LOCAL

Note: Keyword LOCAL is case sensitive

This command can configure these options:

aaa authentication {serial | enable | telnet | ssh | http} console {server-tag [LOCAL] | LOCAL}

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents