cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
615
Views
5
Helpful
2
Replies

Admin Access with ACS

Not applicable

Hello, I have a more then 100 AP's on my network.

I want to manage all the AP's with one USER/PASS that allowed on my ACS.

I try to mark the " Authentication Server if not found in Local List" on Security page and to configure the RADIUS Server on Server Manager Page but I still can't get into the AP's.

Note: on the ACS Pass log I see that the Username was passed

Can I get any idea ?

2 Replies 2

will.shaw
Level 4
Level 4

The web management page never seems to work for me, however the following commands should fix your issue:

aaa authentication login default local group radius

aaa authentication login eap_methods group radius

aaa authentication enable default group radius enable

aaa authorization exec default group radius none

aaa accounting send stop-record authentication failure

aaa accounting exec default start-stop group radius

aaa accounting commands 1 default start-stop group radius

aaa accounting commands 15 default start-stop group radius

You'll have to enter this from ios, but it should fix your issue.

One other thing to watch out for is the web management authentication

either:

ip http authentication aaa

or

ip http authentication local

Not applicable

10X

I fix the problem by adding the pramater "Priv-lv1=15" on cisco-av-pair on ACS

Aharon

Review Cisco Networking for a $25 gift card