1-9
Cisco Content Services Switch Security Configuration Guide
OL-5650-02
Chapter1 Controlling CSS Access
Controlling Remote User Access to the CSS
•secondary - Defines the second authentication method that the CSS uses if
the first method fails. The default secondary console authentication method
is to disallow all user access.
Note If you are configuring a TACACS+ server as the primary authentication
method, define a secondary authentication method, such as local. If you
do not configure a secondary method and use the default of disallowed,
you have the possibility of being locked out of the CSS.
•tertiary - Defines the third authentication method that the CSS uses if the
second method fails. The default tertiary console authentication method is to
disallow all user access.
•disallowed - The CSS disallows access by all users (secondary or tertiary
authentication method only). Entering this option does not terminate existing
connections.
To remove users currently logged in to the CSS, use the disconnect command.
To define the TACACS+ server as the primary console authentication method,
enter:
#(config) console authentication primary tacacs
To define local user database as the secondary console authentication method,
enter:
#(config) console authentication secondary local
To disable authentication on the console port allowing users to access the CSS
without a username and password, enter:
#(config) no console authentication