Controller Based WLANs

How do I configure RADIUS authentication for management access?

by on ‎07-01-2014 03:45 PM

Product and Software: This article applies to all Aruba Mobility Controllers and ArubaOS 2.5.

 

Users can manage controllers using Secure Shell (SSH), Secure HTTP connection, and optionally using Telnet.

 

By default, all management authentication is using the internal database.

 

To configure RADIUS authentication using the CLI, you must have root access and be in the enable mode, then follow these steps:

 

Step 1:

Configure the Radius server properties.

aaa radius-server <Name> host <IP Address> key <key>

 

Example:

aaa radius-server radius01 host 10.198.8.28 key abcdefg

 

Step 2:

Enable the management authentication using the external Radius server.

aaa mgmt-authentication mode enable  aaa mgmt-authentication auth-server <Name>

 

Example:

aaa mgmt-authentication mode enable  aaa mgmt-authentication auth-server radius01

 

Step 3:

Check the log to verify the access and for troubleshooting.

show log authmgr <number of lines>

 

Example:

Jun 23 15:24:32 :INFO: selected server win2k for method=Management; user=bbb, essid=<>, domain=<>

Jun 23 15:24:32 :NOTI: Administrative user 'bbb' authenticated successfully (role=root, privileged=1)

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.