Cisco Support Community
Community Member

Authenticate and authorize vty 0 4 and vty 5 15 telnet sessions

We use WLSM as WDS, WLSE, Cisco ACS and AP1210's. The infrastructure AP's authenticate with the WLSM. Both MAC Authentication and LEAP authentication work. SSID assignment is functioning properly. I can not get telnet users to authenticate and authorize properly. I have had to renter the aaa new-model with all supporting entries. The ACS server says the authorization or authentication fails with an unknown NAS. The AP with its key is entered in the ACS. It takes 60 - 90 seconds for the AP to log a user in. Any articles or instructions would be appreciated. See typical infrastructure AP config atttached.

Community Member

Re: Authenticate and authorize vty 0 4 and vty 5 15 telnet sessi

The problem has been resolved. As a general note all authentication and authorization for console or vty 0-15 login, exec and commands is processed by the AP it is NOT sent to the WDS. The problem is the infrastructure AP is authenticated by LEAP through the WDS to the ACS so the infrastructure AP is entered in the ACS as using radius(cisco aironet). To get around this I put the infrastructure AP in ACS with a different name but the same IP and key and selected tacacs. Works like a dream.

VIVA Las Vegas!!!

CreatePlease to create content