Solved: Re: WAAS Authentication using TACACS+

dbarboza27 · ‎03-19-2010

Hi,

I am trying to use TACACS as the primary method of authentication. The thing is that I configured in WAAS the values required (security word, primary server and secondary server). Also, in Authentication Method I chose TACACS as primary and local as the secondary.

After that I logged in to the WAAS using my TACACS account and I could enter, but the Navigation Pane is empty. It seems like my account doesn't have permissions to change config, but it is level 15 in TACACS ( I used to change config in Sw and routers).

I dont know if I am missing a step to config this feature either on the WAAS or the ACS.

Thanks,

todd.martin · ‎03-24-2010

TACACS really only provides a single "A" Authentication.

Are you allowed or not....

in order to provide Authorization, you need to still create the account in CM. and provide a role and domain in the user config.

Leave the Local user check box "unchecked" if you plane to use TACACS to Authenticate.

Im sure there is a way to provide authorization through complex custom attributes but it achieves the same goal via CM. once authenticated.

View solution in original post

todd.martin · ‎03-24-2010

TACACS really only provides a single "A" Authentication.

Are you allowed or not....

in order to provide Authorization, you need to still create the account in CM. and provide a role and domain in the user config.

Leave the Local user check box "unchecked" if you plane to use TACACS to Authenticate.

Im sure there is a way to provide authorization through complex custom attributes but it achieves the same goal via CM. once authenticated.

dbarboza27 · ‎03-27-2010

I created the accounts in WAAS (Admin --> AAA --> Users) and it is working well. Thanks for the advice.