ā05-29-2019 01:03 AM - edited ā07-05-2021 10:28 AM
Hi,
I have a AIR-CT2504-K9 WLC running 8.0.133.0 version. I was using local credentials to login to it.
But now, After entering TACACS authentication details, I changed the priority order on the WLC with first as tacacs and then local. On the TACACS server, by mistake the WLC details was not entered correctly.
Now, I am unable to login through local and tacacs aswell.
Could someone suggest any troubleshoot here?
ā05-29-2019 02:44 AM - edited ā05-29-2019 02:45 AM
If you havenāt saved the configuration of the WLC post these changes. Take a reboot of it (power cycle).
Also whats the wrong information entered on the TACACS?
Since its on TACACS, you can correct it on the TACACS.
ā05-29-2019 03:25 AM
Any other options other than reboot?
Also I tried changing on the TACACS server, But no luck. Looks like I need to enter the tacacs details again on the WLC?
Any other solution here?
ā05-29-2019 04:13 AM
If TACACS is still not working, what is the error you are getting on the TACACS logs.?
ā05-29-2019 04:20 AM
ā05-29-2019 04:40 AM
Will it work if I enter local credentials on console? I don't think so.
ā05-29-2019 05:44 AM
ā05-29-2019 06:04 AM
Already removed the wlc entry form tacacs. no luck
ā05-29-2019 06:56 PM
Hi,
If you cannot get into your wlc, then the last option would be to reset the controller to default setting. You will need to reconfigure the controller from scratch.
To reset controller to default settings, follow the doc below:
Thanks
John
ā05-30-2019 06:01 AM
Try accessing through service port, you are not clear on what mistake you did on TACACS+ server ?
ā05-30-2019 09:37 PM
Yes. I am not sure what mistake was done on TACACS and WLC. I tried to remove the tacacs entry and readded again. Still no luck. Looks like I had a mistake done on WLC itself.
So Can i use Service port login using local credentials to work?
ā05-31-2019 07:08 AM
ā05-31-2019 09:28 AM
is there a way you can shutdown TACACS server or make it unreachable from WLC, till the time TACACS is reachable your local credential won't work based on how you have described the setting.
Service port has default IP of 192.168.1.1 unless you changed it during initial configuration, you can connect to service port with a laptop assign yourself an IP 192.168.1.2/24, try pinging it and try GUI.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide