Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
216
Views
0
Helpful
1
Replies

question on radius and wlc- managment users vs wireless domain users

George Wolf
Level 1
Level 1

‎09-15-2016 08:32 AM - edited ‎07-05-2021 05:49 AM

Currently I have a wlc working perfectly with manamgnet via web login local and wireless users sent to the Radius server.  This works fine but we need to take it a step farther and get our management users authenticating.

I see how I am able to checkbox the management interface to authenticate management users but am concerned if I do so all the wireless users will be able to get into the box.

How do you make it so requests from the management go to a specific group and all wireless users go to domain users?  We are running and IAS server.  I've seen many docs that tell you one or the other but none explain how you make both work properly.

any help appreciated- thanks

geo

Labels:
0 Helpful
1 Reply 1

Ric Beeching
Level 7
Level 7

‎09-15-2016 11:34 PM

It is more common to use AAA/TACACS for your mgmt users and RADIUS for your wireless authentication but depends on your available resources. If you do have to use RADIUS then you will just manage that level of access through attributes on your RADIUS server.

For example, this is an old guide but the ACS server is configured to return an attribute to the WLC allowing the user to logon to the WLC as a mangement user. If that attribute was not returned the user would be denied management access.

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/71989-manage-wlc-users-radius.html

Ric

-----------------------------
Please rate helpful / correct posts
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card