[tac_plus] TACACS+ with Aruba Wireless Controller
Steven Goto
sgoto at hawaii.edu
Tue Nov 30 16:45:17 UTC 2010
John P.,
Thanks for sending your Aruba config; your ArubaOS version is pretty
close to ours and our config matches yours, so there must be something
else we are doing in between the controller & TACACS+ that is preventing
the authentication from working. I've checked all the obvious things
(ACLs, etc.) so I'll need to try the debug that John H. suggested and
perhaps triple-check things again. The main thing is that you have it
working, which is great to know--thanks again!
Steve.
On 11/29/10 6:52 PM, John Payne wrote:
> On Nov 29, 2010, at 1:32 PM, Steven Goto wrote:
>
>> Hi tac_plus,
>>
>> I've been trying to get our Aruba wireless controller running ArubaOS 3.4.2.5 to work with the Shrubbery Networks TACACS+ server for a number of weeks now; I've been going back and forth with Aruba Support but I think I've gone as far as I can go with them since they have no solution. TACACS+ accounting works but the authentication doesn't; Wireshark captures show the authentication failing and there are no service names or role definitions (like for AirWave AMP from tacacs.org, which we are successfully using) that Aruba is aware of. Are there any tips you may have for getting TACACS+ authentication to work with the Aruba wireless controller? Thanks!
> Authentication works for me, but not straight to enable mode :(
>
> I have a number of Aruba WCs on different versions, but none on 3.4.2.5 :) The closest is 3.4.2.0:
>
>
> aaa tacacs-accounting server-group TACACS mode enable command all
>
> aaa authentication-server tacacs "server1"
> host 10.1.2.3
> key foo
>
> aaa server-group "TACACS"
> auth-server server1
>
> aaa authentication mgmt
> server-group "TACACS"
> enable
>
More information about the tac_plus
mailing list