Security

Reply
Occasional Contributor I
Posts: 6
Registered: ‎11-22-2014

CPPM TACACS+ for autnenticating Riverbed Steelhead admins

All,

 

I'm trying to use CPPM to control admin access to my Riverbed appliances.

I keep getting the following alert in the access tracker: Tacacs service=rbt-exec:unknown not enabled

 

CPPM error.PNG

 

I have however imported a TACAS service called rbt-exec:unknown in the TACACS+ Services Dictionaries.

 

TACAS_Service.PNG

 

I have restarted the TACAS service on both my CPPM's (they are clustered).

I have followed this how-to: http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-authenticate-Riverbed-admin-users-against-ClearPass-over/ta-p/192945

All help and suggestions are welcome!

 

 

Thanks

 

Leo

 

Occasional Contributor I
Posts: 6
Registered: ‎11-22-2014

Re: CPPM TACACS+ for autnenticating Riverbed Steelhead admins

MVP
Posts: 1,392
Registered: ‎11-30-2011

Re: CPPM TACACS+ for autnenticating Riverbed Steelhead admins

could you explain what you did leo? it might help others with the same question.

Occasional Contributor I
Posts: 6
Registered: ‎11-22-2014

Re: CPPM TACACS+ for autnenticating Riverbed Steelhead admins

I missed one setting on the Riverbeds.

 

You must set the authorisation policy on the riverbed to remote only. I missed that...

 

The how-to showed the setting on a screenshot, but did not describe the action to be taken....

 

 

Regards,

 

Leo

 

 

 

New Contributor
Posts: 2
Registered: ‎04-09-2015

Re: CPPM TACACS+ for autnenticating Riverbed Steelhead admins

What vendorname do you set for your Riverbed devices?



Occasional Contributor II
Posts: 11
Registered: ‎06-23-2015

Re: CPPM TACACS+ for autnenticating Riverbed Steelhead admins

Has anyone tried this using the "monitor" role (read-only) within Riverbed? This works just fine using the admin role, but suppose someone (me) needed to define read-only access to Riverbed appliances, using CPPM? Haven't gotten this to work ... it only shows the following in my Authorization failure access tracker window:

 

aruba-cppm-rvbd-monitor-fail.jpg

Regular Contributor II
Posts: 223
Registered: ‎10-29-2014

Re: CPPM TACACS+ for autnenticating Riverbed Steelhead admins

Please post a screenshot of your enforcement policy in clearpass

HTH
Cheers
SumaN
Search Airheads
Showing results for 
Search instead for 
Did you mean: