04-27-2012 07:34 AM - edited 07-03-2021 10:04 PM
Hello,
I need a help here,
My access points already joined WLC. I want to configure it so everyone who wants to log on to the access point is authenticated using tacacs authentication? How can I do this? I already search at the Configuration guide but I can't find and I can't find a command to input the tacacs server in that lightweight access points.
Can you help me of how to configure lightweight access point that already join the controller so everyone who wants to log in to it is authenticated using tacacs authentication?
Kind regards,
Solved! Go to Solution.
04-27-2012 07:53 AM
ahh, ok. No, you can't do that as the AP isn't aware of TACACS.
Out of curiosity, why would you need/want to go to the AP? For the most part you can pull any of the show commands from the CLI of the WLC, which is TACACS aware.
Steve
04-27-2012 07:40 AM
First, TACACS is used for authentication of a management user accessing the WLC. NOT for user authentication to the network.
Second, in a lightweight environment, you don't auth to the AP, but to the WLC.
So, you need to make sure that your ACS is configured for RADIUS authentication, for the users. Define the server in the RADIUS section of the Security tab, then configure the WLAN for WPA/TKIP or WPA2/AES with 802.1x as the auth method.
find the section:
from the below examples
Steve
04-27-2012 07:47 AM
Thanks Steve for your response,
But what my boss needs is each time we telnet to the access point (lightweight) we use username and password that listed in tacacs. Can we do that? Can we configure the access point to do that?
Warm regards.
04-27-2012 07:53 AM
ahh, ok. No, you can't do that as the AP isn't aware of TACACS.
Out of curiosity, why would you need/want to go to the AP? For the most part you can pull any of the show commands from the CLI of the WLC, which is TACACS aware.
Steve
04-27-2012 08:17 AM
You are right!! Lightweight access point is unaware of TACACS but WLC do.
When I try to type one of tacacs-specific command: "ip tacacs-server" @ the access point's CLI, command doesn't appear. I kind not believe the LAP don't support TACACS. I try to search in config guide and then in here.
About the reason, I don't know. Maybe for better security I think. Thanks for you.
Cheers,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide