04-15-2014 06:43 AM
We would like to disable local user remote login via ssh/telnet and only allow TACACS remote login. Is the correct method just to disable "Allow Local Authentication?" we would want to be able to login locally with root/admin if the network is down still and need certain local accounts to access the web gui for guest provisioning as we don't use clearpass/amigopod.
04-15-2014 11:51 AM
This works perfect for securing remote access via ssh/telnet but then we have the issue for anyone that doesn't have tacacs permissions. Is there no way to disable "root" accounts like the admin and in our case airwave management user from remote login but still allow local accounts that need to login for guest provisioning?