Cisco 4700M Configuration Manual page 117

Chapter 2 Configuring Authentication and Accounting Services
•
Use this option with care. If you specify none, any user will be able to access the
Caution
ACE at any time.
•
For example, to enable console authentication using the TacServers server group,
followed by local login as the fallback method, enter:
host1/Admin(config)# aaa authentication login console group TacServers
local
Password verification remains enabled for login authentication.
For example, to turn off password validation, enter:
host1/Admin(config)# aaa authentication login console group TacServers
local none
For example, to revert to the local authentication method, enter:
host1/Admin(config)# no aaa authentication login console group
TacServers local none
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
OL-16202-01
none—Specifies that the ACE does not perform password verification. If you
configure this option, users can log in to the ACE without providing a valid
password. Only a user with an Admin role is allowed to specify the none
option.
error-enable—Enables the display of the login error message in instances
where the remote AAA servers fail to respond. To view the current display
status, use the show aaa authentication login error-enable command. When
a user attempts to log in, and the remote AAA servers do not respond to the
authentication request, the ACE processes the login sequence by switching to
a local user database. If you activate the error-enabled feature, the following
message appears on the user's terminal:
Remote AAA servers unreachable; local authentication done.
Defining the Login Authentication Method
2-47