[tac_plus] - Latest Stable Version you are running
Alan Alejandro Villaverde
alan.villaverde at gmail.com
Mon Oct 20 15:09:42 UTC 2014
Hi guys!
I finally made it works! I did it with the config I mentioned before.
Searching a bit more I found this page
http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-5/config_guide/b_cg75/b_cg75_chapter_0101001.html
In which I could fing this:
*Note *
For basic management authentication via TACACS+ to succeed, it is required
to configure authentication and authorization servers on the WLC.
Accounting configuration is optional.
So my error was that in the WLC, security, TACACS+, I had configured only
Authentication without setting up the Authorization tacacs section.
Now it is working!
Thanks for your time and collaboration.
Best regards.
2014-10-20 11:05 GMT-03:00 Alan Alejandro Villaverde <
alan.villaverde at gmail.com>:
> Hi Daniel,
>
> Could you please teach me where I have to add this line?
> I added this line into the group access list section. I dont know if it is
> ok, but the tacacs don´t show me any error.
>
> NOTE: the tacacs production server is running F4.0.4.25
>
> group = todo_super_user {
> service = exec {
> priv-lvl = 15
> }
> service = ciscowlc {
> role1 = ALL
> }
> acl = todo
> }
>
> Here the log: ( logging -d 16)
>
> login query for 'avillaverde' unknown-port from 10.85.206.34 accepted
>
> The authentication is valid, but the wireless controller is still
> prompting to me user and password again.
>
>
> Do you have a WLC running 7.3.101.0 and authenticating with tacacs? Maybe
> I am missing some configuration items.
>
> I will appreciate so much your help.
>
>
>
> 2014-10-17 13:08 GMT-03:00 Daniel Schmidt <daniel.schmidt at wyo.gov>:
>
> The WLC uses roles.
>>
>> service = ciscowlc {
>> role1 = ALL
>> }
>>
>>
>> On Tue, Oct 14, 2014 at 6:26 AM, Alan Alejandro Villaverde <
>> alan.villaverde at gmail.com> wrote:
>>
>>> Hi Guys,
>>>
>>> Thanks for your collaboration. I finally set up tacacs+-F4.0.4.26 on
>>> OpenSuse 12.1.
>>>
>>> Just another question, Have anyone of you set up a Cisco Wireless Lan
>>> Controller to authenticate through this tacacs? The running version
>>> 7.3.101.0 is WLC.
>>>
>>> This doesn´t work for us. When I debugged tacacs, all seems to be fine,
>>> there is not any error. The authentication pass fine, but the web
>>> interface
>>> prompt me to authenticate again.
>>>
>>> I think I am missing something in the tacacs configuration for this kind
>>> of
>>> device.
>>>
>>> Do you have any idea?
>>>
>>> 2014-10-10 11:37 GMT-03:00 Alan McKinnon <alan.mckinnon at gmail.com>:
>>>
>>> > On 10/10/2014 14:04, Alan Alejandro Villaverde wrote:
>>> > > Hi guys,
>>> > >
>>> > >
>>> > > I wondered which is the latest stable version you are running. In our
>>> > case
>>> > > we are running tacacs+-F4.0.4.25.
>>> > >
>>> > > Do you know if it is time to make an upgrade? What do you think? Is
>>> there
>>> > > any new stable version?
>>> > >
>>> > > BR
>>> > >
>>> >
>>> >
>>> > 4.0.4.27a is latest. However, it's a minor change from 4.0.4.25 and
>>> > fully detailed in the Changelogs. Review those - you will know if you
>>> > need them. If not, there's no need to upgrade.
>>> >
>>> > 5.0.0a1 is not usable, don't try it. It's a first effort at heasley's
>>> > long-intended reorganize of the code base.
>>> >
>>> > --
>>> > Alan McKinnon
>>> > alan.mckinnon at gmail.com
>>> >
>>> > _______________________________________________
>>> > tac_plus mailing list
>>> > tac_plus at shrubbery.net
>>> > http://www.shrubbery.net/mailman/listinfo/tac_plus
>>> >
>>>
>>>
>>>
>>> --
>>> Alan Alejandro Villaverde.
>>>
>>> ,JL.
>>> j@, Zv
>>> uJ.u at qJ
>>> :LBO:v1
>>> :r1@ MB
>>> G1 rB8Ur ,
>>> r at Ei O .7 @.
>>> :N,:BBO05v,:, :7 u Or
>>> vM at r:E: rqr,: .v X Or
>>> 7 at r v at U ,@::: 5 .L M:
>>> YO:2 at OS. . .7: N iP
>>> Y at riBr ,:i::: :q ,q.
>>> qk :ii YO.
>>> iv7r77r iGF :7v7
>>> :u0u. 7Lj ;5k1r7BN
>>> 7P552552v: LUM1, 7FUi:..v at B
>>> ik7JMJ. ..,v at rk.
>>> _..._ Y8. vL: .5 at v E.
>>> .' '. ui,N: .G.O@: @
>>> / _ _ \ .P: J7LEBO Bi
>>> | (o)_(o) | .1 i at B7 .MU
>>> \( ) / 2 :M at u .uMi
>>> //'._.'\ \ :k :U at BOi:vSM2B
>>> // . \ \ 7E at B@B at O8PrMk ;B
>>> || . \ \ @: @r
>>> |\ : / | EM. ;@
>>> \ `) ' (` /_ .B7 0L
>>> _)``".____,.'"` (_ ..,:i;7vjuFXZEOMMBBL:::.rB at B@B@
>>> ) )'--'( ( .,::ir77vvJjuu2UF5SS00GZOMBB at B@B at B@B at B@
>>> '---` `---` ::iirr77rrr77vLLLjuu25FXPNZGMOOO at B@B at B@B@@@B at B@B at B
>>> :i:i::,:,i,:,:.:.:.:.:.:.:.,.,.,............. ...
>>> -------------- next part --------------
>>> An HTML attachment was scrubbed...
>>> URL: <
>>> http://www.shrubbery.net/pipermail/tac_plus/attachments/20141014/a79e8d9f/attachment.html
>>> >
>>> _______________________________________________
>>> tac_plus mailing list
>>> tac_plus at shrubbery.net
>>> http://www.shrubbery.net/mailman/listinfo/tac_plus
>>>
>>
>> E-Mail to and from me, in connection with the transaction
>> of public business, is subject to the Wyoming Public Records
>> Act and may be disclosed to third parties.
>>
>>
>>
>
>
> --
> Alan Alejandro Villaverde.
>
> ,JL.
> j@, Zv
> uJ.u at qJ
> :LBO:v1
> :r1@ MB
> G1 rB8Ur ,
> r at Ei O .7 @.
> :N,:BBO05v,:, :7 u Or
> vM at r:E: rqr,: .v X Or
> 7 at r v at U ,@::: 5 .L M:
> YO:2 at OS. . .7: N iP
> Y at riBr ,:i::: :q ,q.
> qk :ii YO.
> iv7r77r iGF :7v7
> :u0u. 7Lj ;5k1r7BN
> 7P552552v: LUM1, 7FUi:..v at B
> ik7JMJ. ..,v at rk.
> _..._ Y8. vL: .5 at v E.
> .' '. ui,N: .G.O@: @
> / _ _ \ .P: J7LEBO Bi
> | (o)_(o) | .1 i at B7 .MU
> \( ) / 2 :M at u .uMi
> //'._.'\ \ :k :U at BOi:vSM2B
> // . \ \ 7E at B@B at O8PrMk ;B
> || . \ \ @: @r
> |\ : / | EM. ;@
> \ `) ' (` /_ .B7 0L
> _)``".____,.'"` (_ ..,:i;7vjuFXZEOMMBBL:::.rB at B@B@
> ) )'--'( ( .,::ir77vvJjuu2UF5SS00GZOMBB at B@B at B@B at B@
> '---` `---` ::iirr77rrr77vLLLjuu25FXPNZGMOOO at B@B at B@B@@@B at B@B at B
> :i:i::,:,i,:,:.:.:.:.:.:.:.,.,.,............. ...
>
>
--
Alan Alejandro Villaverde.
,JL.
j@, Zv
uJ.u at qJ
:LBO:v1
:r1@ MB
G1 rB8Ur ,
r at Ei O .7 @.
:N,:BBO05v,:, :7 u Or
vM at r:E: rqr,: .v X Or
7 at r v at U ,@::: 5 .L M:
YO:2 at OS. . .7: N iP
Y at riBr ,:i::: :q ,q.
qk :ii YO.
iv7r77r iGF :7v7
:u0u. 7Lj ;5k1r7BN
7P552552v: LUM1, 7FUi:..v at B
ik7JMJ. ..,v at rk.
_..._ Y8. vL: .5 at v E.
.' '. ui,N: .G.O@: @
/ _ _ \ .P: J7LEBO Bi
| (o)_(o) | .1 i at B7 .MU
\( ) / 2 :M at u .uMi
//'._.'\ \ :k :U at BOi:vSM2B
// . \ \ 7E at B@B at O8PrMk ;B
|| . \ \ @: @r
|\ : / | EM. ;@
\ `) ' (` /_ .B7 0L
_)``".____,.'"` (_ ..,:i;7vjuFXZEOMMBBL:::.rB at B@B@
) )'--'( ( .,::ir77vvJjuu2UF5SS00GZOMBB at B@B at B@B at B@
'---` `---` ::iirr77rrr77vLLLjuu25FXPNZGMOOO at B@B at B@B@@@B at B@B at B
:i:i::,:,i,:,:.:.:.:.:.:.:.,.,.,............. ...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20141020/5028be56/attachment.html>
More information about the tac_plus
mailing list