[tac_plus] Re: Tac+ and Cisco WCS
Guy Morrell
guy.morrell at oucs.ox.ac.uk
Mon Nov 3 17:01:14 UTC 2008
> > Dear all,
> >
> > we are using your Tacacs+ server for AAA on our Cisco equipment
which ever
> > worked fine.
> > Now we spent some money on Cisco's new "Wirless Lan Controller"
and also a
> > "Wirless Controll System" Server.
> >
> > These kits support AAA and Tacacs in their most recent version
but I
> > haven't got really a clue how to pair them off (neither WLC nor
WCS +
> > tacacs).
> >
> > I found some good manuals on the Cisco web
> > (http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a0080851f7c.shtml
),
> > but they just state out how to use theyr ACS and that's a bit
pricey if
> > you don't already have that server.
> >
> > Mainly I failed in finding out how to use these rolebased auth
methods in
> > your tac Server.
>
> There should not be anything fancy about this. The device probably
expects an
> AV-pair, such as something = role:ALL. You just have to find out
what the
> something is and I don't see it in that document.
>
> However, this may require service = ciscowlc, under which this av
pair would
> be. such as:
>
> user = foo {
> service = ciscwlc {
> something = role:ALL
> }
> }
Hello there,
Apologies for any formatting issues - I wasn't on the list at the time
so I've fudged a reply to this. I had the same problem and got it
working the other day. You want something like this:
user = foo {
service = ciscowlc {
role1 = ALL
}
}
Hope this helps.
Guy
More information about the tac_plus
mailing list