This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Radius and Local account EXOS Switch log in

Radius and Local account EXOS Switch log in

Go to solution
Christopher_Tay
Contributor

‎02-18-2021 09:14 PM

I have set up our X460 G2 switches with RADIUS login through our NAC.  This works well however is it possible to also have the local accounts available?  XMC uses a local account to login and if the NAC were to fail local account login we be needed.  When I enable RADIUS mgmt-access the local accounts are no longer able to login.

We are running ver 30.7

Thank you,

Chris

 

 

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Stefan_K_
Valued Contributor

‎02-18-2021 09:26 PM

I think when NAC is unavailable a local login is possible. Also when you are connected via serial it should be possible (maybe only after a few tries if I remember correctly).

Why does your XMC uses local switch accounts and no radius-account? (you could also create one local account in the NAC if you don’t want to use an AD-Account.)

View solution in original post

0 Kudos
2 REPLIES 2

Go to solution
StephanH
Valued Contributor III

‎02-18-2021 10:06 PM

Hello,

Stefan is right, in case the NAC (or another Radius server) is not reachable the local database is used for authentication. The RADIUS server take precedence over privileges configured in the local database.

Regards Stephan
0 Kudos

Go to solution
Stefan_K_
Valued Contributor

‎02-18-2021 09:26 PM

I think when NAC is unavailable a local login is possible. Also when you are connected via serial it should be possible (maybe only after a few tries if I remember correctly).

Why does your XMC uses local switch accounts and no radius-account? (you could also create one local account in the NAC if you don’t want to use an AD-Account.)

0 Kudos
GTM-P2G8KFN