Re: AP Tacacs Authentiation

gibsthomas · ‎01-24-2006

How can I setup login to AP's using Tacacs autentication. I currently have all the Ap's set up for local autentication. commands most welcome

Ap's 1210 Running V 12.3 4 JA1

WLSE 1310 V2.11

and Cisco ACS

Thanks,

m-avramidis · ‎01-25-2006

Hi

Basically the same way you configured your routers/switches for Tacacs. One problem (for me) though is that if i Telnet to My AP, the AP uses the name and password that i specified in Tacacs, but if i uses the web interface it only use the locally specified name and password, don`t know why....

gibsthomas · ‎01-25-2006

Hi..

Can you pls paste the config?.. I tried to do the same thing as in router tacacs login but now cannot log in using local or tacacs.

mirek.tichy_2 · ‎01-26-2006

Hi,

in the example below vty lines use the default methode which is the TACACS, http uses TACACS as well. Console uses local method. If the TACACS conectivity fails second default methode is local.

aaa new-model

!

aaa group server tacacs+ acs_management

server 10.10.10.10

server 11.11.11.11

!

aaa authentication login default group acs_management local

aaa authentication login method_direct local

aaa authentication enable default group acs_management enable

aaa authorization exec default group acs_management if-authenticated

aaa authorization exec method_direct local

!

ip http authentication aaa login-authentication default

!

tacacs-server host 10.10.10.10 key mykey

tacacs-server host 11.11.11.11 key mykey

!

line con 0

login authentication method_direct

line vty 0 4

line vty 5 15

gibsthomas · ‎01-25-2006

Hey..

Dont know what exactly i did but now i can login to AP via telnet and www using Tacacs autentication.

paltel · ‎01-27-2006

I think you need to specify the ip http server authentication tacacas+....

Please rate it

Thank you