Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1886
Views
0
Helpful
4
Replies

WLC Management users Authentication with Tacacs+ and Radius

sun.ramalingam
Level 1
Level 1

‎10-15-2014 02:45 PM - edited ‎07-05-2021 01:44 AM

Hi ,

 In WLC Security-->Priority Order-->Management User, If Tacacs+  and then radius Server  are selected, will the users be authenticated agaisnt Radius if users are not found in Tacacs Server or only if first priority is unreachable then the Radius server will be contacted for authentication ?

I have management users who gets authenticated against Tacacs+ and LobbyAdmin who wants to be authenticated by Radius(ACS and then AD)

Thanks in advance

 

 

Labels:
0 Helpful
4 Replies 4

Saurav Lodh
Level 7
Level 7

‎10-16-2014 05:11 PM

See the current management authentication server order by entering the show aaa auth command.

0 Helpful

sun.ramalingam
Level 1
Level 1
In response to Saurav Lodh

‎10-16-2014 05:52 PM

  • Hi
  • Currently Tacacs+ , My question was if I added Radius and useres are not found in Tacacs+, will the users be authenticated against Radius server ?
0 Helpful

Moin Ilyas
Level 4
Level 4
In response to sun.ramalingam

‎11-19-2014 01:01 PM

I believe yes.

In the Order Used for Authentication text box, specify which servers have priority when the controller attempts to authenticate management users.

Use the > and < buttons to move servers between the Not Used and Order Used for Authentication text boxes. After the desired servers appear in the Order Used for Authentication text box, use the Up and Down buttons to move the priority server to the top of the list. By default, the local database is always queried first. If the username is not found, the controller switches to the RADIUS server if configured for RADIUS or to the TACACS+ server if configured for TACACS+. The default setting is local and then RADIUS.

Source: http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_0101101.html#ID1007

0 Helpful

sun.ramalingam
Level 1
Level 1
In response to Moin Ilyas

‎12-22-2014 07:04 PM

Thanks for your reply Moin , WLC will only support LOCAL and either Radius or Tacacs+

0 Helpful
Review Cisco Networking for a $25 gift card
Top