Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

WLC Management users Authentication with Tacacs+ and Radius

Hi ,

 In WLC Security-->Priority Order-->Management User, If Tacacs+  and then radius Server  are selected, will the users be authenticated agaisnt Radius if users are not found in Tacacs Server or only if first priority is unreachable then the Radius server will be contacted for authentication ?

I have management users who gets authenticated against Tacacs+ and LobbyAdmin who wants to be authenticated by Radius(ACS and then AD)

Thanks in advance

 

 

4 REPLIES

See the current management

See the current management authentication server order by entering the show aaa auth command.

New Member

HiCurrently Tacacs+ , My

  • Hi
  • Currently Tacacs+ , My question was if I added Radius and useres are not found in Tacacs+, will the users be authenticated against Radius server ?
Bronze

I believe yes.In the Order

I believe yes.

In the Order Used for Authentication text box, specify which servers have priority when the controller attempts to authenticate management users.

Use the > and < buttons to move servers between the Not Used and Order Used for Authentication text boxes. After the desired servers appear in the Order Used for Authentication text box, use the Up and Down buttons to move the priority server to the top of the list. By default, the local database is always queried first. If the username is not found, the controller switches to the RADIUS server if configured for RADIUS or to the TACACS+ server if configured for TACACS+. The default setting is local and then RADIUS.

Source: http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_0101101.html#ID1007

New Member

Thanks for your reply Moin ,

Thanks for your reply Moin , WLC will only support LOCAL and either Radius or Tacacs+

259
Views
0
Helpful
4
Replies
CreatePlease to create content