09-30-2005 10:41 AM - edited 07-04-2021 11:10 AM
Happy Friday...
Trying to integrate WLC-4400 and WCS into an existing TACACS/RADIUS environment. The WLC now talks to the RADIUS server, which in turn is validating off the NT domain just fine (for network clients).
But we also need to authenticate Administration access to the boxes themselves via RADIUS. On the WLC's (v3.1 code), we've checked the box that would appears to allow that on the RADIUS server config screen. And we can see the WLC go out and get a "Passed Authentication" from the ACS server on an attempted administrator login. But, the WLC still won't allow a non-local user to log in. Is there something I'm missing here to allow "unknown user"-type authentication via RADIUS?
Is there even a way at all to do RADIUS validation of Administration access on the WCS server?
Boy, I'll be glad when all of the Airespace documentation catches up...it's pretty spotty out there right now.
Thanks...
Mike
10-06-2005 06:49 AM
class of service for the logon account has been changed. Log on by using a different account.
The class of service has been changed to subscriber for everyone who previously had administrator privileges. There is no longer a account for the administrator is available.
03-30-2006 01:20 PM
I am glad to see there was a resolution posted to this one. NOT!!!
I am in the same boat and cannot find any resolution. I can authenticat users fine, but administration access will only use the local user database.
Any help is greatly appreciated.
06-27-2006 02:34 AM
Hi Mike,
try this on the ACE/ACS (Radius):
use IETF RADIUS Attributes --> Service Type: Administrative.
Uwe
06-27-2006 09:11 AM
Currently this is not supported. The rumor is that this feature will be integrated into the next major release. Then there will be support for TACACS authentication for administrative access.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: