Troubleshooting guide
1-28
Cisco Wide Area Application Services Configuration Guide
OL-26579-01
Chapter 1 Configuring Administrative Login Authentication, Authorization, and Accounting
Configuring Administrative Login Authentication and Authorization
Step 1 From the WAAS Central Manager menu, choose Devices > device-name (or Device Groups >
device-group-name).
Step 2 Choose Configure > Security > AAA > Authentication Methods. The Authentication and
Authorization Methods window appears. (See Figure 1-7.)
Figure 1-7 Authentication and Authorization Methods Window
Step 3
Check the Failover to next available authentication method check box to query the secondary
authentication database only if the primary authentication server is unreachable. When the box is
unchecked, the other authentication methods are tried if the primary method fails for any reason.
To use this feature, you must set TACACS+, RADIUS, or Windows domain as the primary authentication
method and local as a secondary authentication method. Make sure that you configure the local method
as a secondary scheme for both authentication and authorization (configuration).
Step 4 Check the Authentication Login Methods check box to enable authentication privileges using the local,
TACACS+, RADIUS, or WINDOWS databases.
Step 5 Specify the order of the login authentication methods that the chosen device or device group are to use:
a. From the Primary Login Method drop-down list, choose local, TACACS+, RADIUS, or
WINDOWS. This option specifies the first method that the chosen device (or the device group)
should use for administrative login authentication.
b. From the Secondary Login Method drop-down list, choose local, TACACS+, RADIUS, or
WINDOWS. This option specifies the method that the chosen device (or the device group) should
use for administrative login authentication if the primary method fails.