I would like to configure APs such a way that administrators should access the APs using web interface. I have AAA authentication set for users pointing to RSA secure ID server. What should I configure on the AP or on RSA secure ID server so that admin users can use hard tokens for authentication..?I know it works with ACS box.We have standalone RSA secure ID (ACE) server used for authentication of routers and switches.
Thanks
--------------
aaa new-model
!
!
aaa group server radius rad_admin
cache expiry 1
cache authorization profile admin_cache
cache authentication profile admin_cache
!
aaa group server radius rad_pmip
!
aaa group server radius rad_eap
!
aaa group server radius rad_acct
!
aaa group server radius dummy
!
aaa group server tacacs+ tac_admin
server x.x.x.x <-----------ACE /RSA server
server y.y.y.y <-----------ACE /RSA server
cache expiry 1
cache authorization profile admin_cache
cache authentication profile admin_cache
!
aaa authentication login default group tac_admin line
aaa authentication enable default group tac_admin enable
aaa authorization exec default group tac_admin
aaa session-id common
ip http server
ip http authentication aaa
tacacs-server host x.x.x.x
tacacs-server host y.y.y.y
tacacs-server timeout 10