Resolution
Currently TACACS is not supported on the Wireless LAN Controllers (WLCs). However, RADIUS can be set up to authenticate management users to the WLC.
To authenticate management users to the WLC through RADIUS, perform these steps:
- Navigate to Security > AAA > RADIUS Authentication on the WLC, and check the Management checkbox for each RADIUS server to be used. Then click Apply to save the changes.
- On the Cisco Secure ACS, enable Internet Engineering Task Force (IETF) RADIUS Attribute 006, and set it to Administrative.
Perform this step for each user to which you want to give access, or set the attribute on a group and place users that you want to have access within that group.
For more information on how to troubleshoot WLC, refer to Wireless LAN Controller (WLC) Troubleshoot FAQ.
For more information on Configuring Radius server ,refer to Configure the WLC for RADIUS Authentication through an External RADIUS Server section of EAP Authentication with WLAN Controllers (WLC) Configuration Example
For more information about the WLC, refer to Cisco Wireless LAN Controllers.
Problem Type
Configure / Configuration issues
Products
Wireless LAN Controllers
Security Options
Authentication
Tacacs+