topic Re: WLC and RADIUS authentication of administrators in Network Access Control

WLC and RADIUS authentication of administrators

staalebotnen — Sun, 10 Mar 2019 21:40:30 GMT

Hi,

I'm having some problems getting the RADIUS authentication of administrators of a WLC to function. Currently I have the WLC set up to authenticate towards a Cisco ACS server by RADIUS (IETF). The WLC and ACS can communicate with each other, but when I try to log in too the WLC I get "External DB user invalid or bad password" in the ACS log (i know the user/pass is correct). I have enabled IETF RADIUS attribute 006-administrative on the group containing the admin user I'm experimenting with.

I'm also autenticating network switches via TACACS+ on this ACS server, this works without any problems (with the same admin user).

Any ideas or suggestions will be greatly appreciated!

Re: WLC and RADIUS authentication of administrators

staalebotnen — Wed, 26 Jul 2006 11:03:50 GMT

I've just attempted to create a user in the ACS internal database to check if this could be used as a workaround. But is still do not get the login to function. When i attempt to log inn i get the message "CS password invalid" in the failed attempts log. Am I missing something obvious here..?

Re: WLC and RADIUS authentication of administrators

staalebotnen — Wed, 26 Jul 2006 11:52:13 GMT

Problem solved. Turns out there was a missmatch between the shared secret of the WLC and the ACS.