Web authentication for AP through ACE /RSA secure ID server

rhegde · ‎06-07-2007

I would like to configure APs such a way that administrators should access the APs using web interface. I have AAA authentication set for users pointing to RSA secure ID server. What should I configure on the AP or on RSA secure ID server so that admin users can use hard tokens for authentication..?I know it works with ACS box.We have standalone RSA secure ID (ACE) server used for authentication of routers and switches.

Thanks

--------------

aaa new-model

!

aaa group server radius rad_admin

cache expiry 1

cache authorization profile admin_cache

cache authentication profile admin_cache

!

aaa group server radius rad_pmip

!

aaa group server radius rad_eap

!

aaa group server radius rad_acct

!

aaa group server radius dummy

!

aaa group server tacacs+ tac_admin

server x.x.x.x <-----------ACE /RSA server

server y.y.y.y <-----------ACE /RSA server

cache expiry 1

cache authorization profile admin_cache

cache authentication profile admin_cache

!

aaa authentication login default group tac_admin line

aaa authentication enable default group tac_admin enable

aaa authorization exec default group tac_admin

aaa session-id common

ip http server

ip http authentication aaa

tacacs-server host x.x.x.x

tacacs-server host y.y.y.y

tacacs-server timeout 10

b.speltz · ‎06-13-2007

No configuration needed on Access Points. Check if the clients are configured for PEAP - GTC .