- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Re: Username
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-23-2010 01:13 AM
тАО11-23-2010 01:13 AM
Username
I m doing authentication by tacacs+ through cisco ACS server.
my commands are:
tacacs-server host 10.75.7.135 key cisco
aaa authentication telnet login tacacs+ local
After entering username and password it comes to this prompt
Switch>
when i do en it again ask for username and password??
which username and password i have to input here i have not set any other user only 1 user with manager access,when i enter the same username and password it doesn't accepts it says Unable to verify password.
2) How i can remove the below command from the configuation:
aaa authentication telnet login tacacs local
aaa authentication telnet enable tacacs local
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-23-2010 06:33 AM
тАО11-23-2010 06:33 AM
Re: Username
basically login and enable access are independant authentication processes. But you can configure the switch to honor the privileg mode avoiding a manager authenticate twice:
# aaa authenticatio login privilege-mode
2)
To remove a tacacs authentication you have to set it do default:
aaa authentication telnet login local none
aaa authentication telnet enable local none
Cheers,
Michael
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-23-2010 07:56 AM
тАО11-23-2010 07:56 AM
Re: Username
Fyi, this feature/function only works with radius authenticated logins as you must also configure a radius attribute in the radius policy (server) to support its use. The switch expects a specific value to be sent back in the access-accept reply (in the "service-type" field) pkt.
BTW, be sure to configure the radius server for this use first, then add the above command in the switch, otherwise, if you put the command and then the switch does not receive one of the 2 value's it requires, you will lock yourself out of the access method where radius is being used to support authentication.
Because of the switch's requirement of receiving a specific value in the reply pkt, this feature is not available for tacacs auth.
hth...Jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-23-2010 10:08 AM
тАО11-23-2010 10:08 AM
Re: Username
I want to do single login by ACS server and local when ACS fails what commands i have to apply please guide.
i m using tacacs
aaa authentication login privilege command doesn't work.
please help
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-23-2010 12:29 PM
тАО11-23-2010 12:29 PM
Re: Username
i m using tacacs "
Using tacacs, you do not get that option on ProVision software.
If you use the ACS and use its radius auth services (I've been told ACS can do radius), then you can use the above command and explicit config in the radius server (see the docs).
hth...Jeff