WAAS Authentication using TACACS+

Answered Question
Mar 19th, 2010

Hi,

I am trying to use TACACS as the primary method of authentication. The thing is that I configured in WAAS the values required (security word, primary server and secondary server). Also, in Authentication Method I chose TACACS as primary and local as the secondary.

After that I logged in to the WAAS using my TACACS account and I could enter, but the Navigation Pane is empty. It seems like my account doesn't have permissions to change config, but it is level 15 in TACACS ( I used to change config in Sw and routers).

I dont know if I am missing a step to config this feature either on the WAAS or the ACS.

Thanks,

I have this problem too.
0 votes

TACACS really only provides a single "A"  Authentication.

Are you allowed or not....

in order to provide Authorization, you need to still create the account in CM. and provide a role and domain in the user config.

Leave the Local user check box "unchecked" if you plane to use TACACS to Authenticate.

Im sure there is a way to provide authorization through complex custom attributes but it achieves the same goal via CM. once authenticated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer

TACACS really only provides a single "A"  Authentication.

Are you allowed or not....

in order to provide Authorization, you need to still create the account in CM. and provide a role and domain in the user config.

Leave the Local user check box "unchecked" if you plane to use TACACS to Authenticate.

Im sure there is a way to provide authorization through complex custom attributes but it achieves the same goal via CM. once authenticated.

dbarboza27 Sat, 03/27/2010 - 07:42

I created the accounts in WAAS (Admin --> AAA --> Users) and it is working well. Thanks for the advice.

Actions

This Discussion