Configuring Fallback Mechanism for Authentication

Configuring Fallback Mechanism for Authentication

You can enable or disable fallback to the local database in case the remote authentication is set and all of the AAA servers are unreachable (authentication error). The fallback is set to local by default in case of an authentication error. You can disable this fallback for both console and SSH or Telnet login. Disabling this fallback tightens the authentication security.

Detailed Steps

To configure the fallback mechanism, follow this step:

Enter the show run aaa all command to verify that the default fallback is enabled for both the default and console login.

Disabling fallback will print a warning message.

Caution
If fallback is disabled for both the default and console, remote authentication is enabled and servers are unreachable and then the switch will be locked.

Copyright 2010-2013, Cisco Systems, Inc. All rights reserved.