05-29-2019 01:03 AM - edited 07-05-2021 10:28 AM
Hi,
I have a AIR-CT2504-K9 WLC running 8.0.133.0 version. I was using local credentials to login to it.
But now, After entering TACACS authentication details, I changed the priority order on the WLC with first as tacacs and then local. On the TACACS server, by mistake the WLC details was not entered correctly.
Now, I am unable to login through local and tacacs aswell.
Could someone suggest any troubleshoot here?
05-29-2019 02:44 AM - edited 05-29-2019 02:45 AM
If you haven’t saved the configuration of the WLC post these changes. Take a reboot of it (power cycle).
Also whats the wrong information entered on the TACACS?
Since its on TACACS, you can correct it on the TACACS.
05-29-2019 03:25 AM
Any other options other than reboot?
Also I tried changing on the TACACS server, But no luck. Looks like I need to enter the tacacs details again on the WLC?
Any other solution here?
05-29-2019 04:13 AM
If TACACS is still not working, what is the error you are getting on the TACACS logs.?
05-29-2019 04:20 AM
05-29-2019 04:40 AM
Will it work if I enter local credentials on console? I don't think so.
05-29-2019 05:44 AM
05-29-2019 06:04 AM
Already removed the wlc entry form tacacs. no luck
05-29-2019 06:56 PM
Hi,
If you cannot get into your wlc, then the last option would be to reset the controller to default setting. You will need to reconfigure the controller from scratch.
To reset controller to default settings, follow the doc below:
Thanks
John
05-30-2019 06:01 AM
Try accessing through service port, you are not clear on what mistake you did on TACACS+ server ?
05-30-2019 09:37 PM
Yes. I am not sure what mistake was done on TACACS and WLC. I tried to remove the tacacs entry and readded again. Still no luck. Looks like I had a mistake done on WLC itself.
So Can i use Service port login using local credentials to work?
05-31-2019 07:08 AM
05-31-2019 09:28 AM
is there a way you can shutdown TACACS server or make it unreachable from WLC, till the time TACACS is reachable your local credential won't work based on how you have described the setting.
Service port has default IP of 192.168.1.1 unless you changed it during initial configuration, you can connect to service port with a laptop assign yourself an IP 192.168.1.2/24, try pinging it and try GUI.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: