cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1661
Views
7
Helpful
4
Replies
Highlighted
Cisco Employee

TACACS with WLC

I am trying to configure TACACS for WLC and am following this youtube video from TAC but when I get to the step where I pick device type WLC all I see is “All device types”

Any guidance appreciated.

4 REPLIES 4
Highlighted
Cisco Employee

Device Types are groups you have to configure.  You can name them whatever you want i.e. Device Type: Wired, Device Type: Wireless, Device Type: VPN.  You can configure then by going to Administration -> Network Resources -> Network Device Types in ISE 2.0.

Regards,

-Tim

Highlighted

OK thanks, I got past that. Now I am getting authenticated OK but am failing in the authorization with "15020 Could not find selected Shell Profiles" but I have the profile configured and even tried to call the default profile with the same results.....

Highlighted

In addition to Krishnan's post -  the attribute we need to push from ISE role1=ALL is case sensitive. If in case it doesn't work -check debugs on the WLC side by running debug aaa tacacs enable - you should see it coming as arg[0] = [9][role1=ALL]


~ Jatin

~Jatin
Highlighted
Cisco Employee

Please follow the How to guide on TACACS for WLC.

http://www.cisco.com/c/dam/en/us/td/docs/security/ise/how_to/HowTo-TACACS_for_WLC.pdf

-Krishnan