Controller Based WLANs

Question: How does local-auth disable work with management authentication?

Product & Software : This article applies to Aruba OS 5.x and above.

When management authentication is setup using external server like tacacs or radius and if the server sends reject then local-auth will not happen if "local-auth disable" is enabled.

In case of server timeout,  the knob "local-auth disable" will be ignored.  So that admin or local user can access the controller using the local-auth even if the external management server times out. This special case has been made so that at least admin or the local user can login to system to make changes since there will be no other way to access the controller apart from console.