Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
702
Views
0
Helpful
1
Replies

AAA to wireless access point

rmeans
Level 3
Level 3

‎03-24-2009 07:03 AM - edited ‎03-10-2019 04:23 PM

I have trying to use AAA and a TACACS server to authenitcate user admin access to an access point (Aironet 1200). I am having trouble getting access through the http server to work. I can console and ssh to the device and use my ACS user account to authenticate. When access the device via a browser, I am prompted for a username/password to get level 1 access. I am permitted access. When I access other pages in the browser configuration, I am prompted for a level 15 username/password. I fail at this point. My ACS account is allowed level 15 access. The ACS logs indicate my user account is not in the database or has been locked. My account isn't locked. My configure looks like this:

aaa authentication login default group tacacs+ local

aaa authentication login eap_methods group rad_eap

aaa authentication login mac_methods local

aaa authorization exec default local

aaa accounting network acct_methods start-stop group rad_acct

no ip http server

ip http authentication aaa

ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

!

tacacs-server host 192.168.250.14

tacacs-server timeout 2

tacacs-server directed-request

tacacs-server key *****

Any ideas?

Labels:
0 Helpful
1 Reply 1

rmeans
Level 3
Level 3

‎03-24-2009 08:10 AM

found my problem.

aaa authorization exec default local

should be

aaa authorization exec default group tacacs+ local

0 Helpful
Customers Also Viewed These Support Documents