Security

Reply
Occasional Contributor II
Posts: 13
Registered: ‎03-09-2014

Clearpass as TACACS for Cisco WLC

I have configured Clearpass as TACACS for a Cisco WLC.  I have verified I'm hitting the correct profile.

 

Under that profile I am using the CiscoWLC:Common service to provide the name role1 with value of ALL.  The cisco is not liking the message its getting from clearpass and is classifying it as a Authentication failure.  Is there anything else I need to add or change?

 

profile attached.

Aruba
Posts: 1,520
Registered: ‎06-12-2012

Re: Clearpass as TACACS for Cisco WLC

There is no profile attached.

If its an auth error it usually isnt a profile issue. Can you attach the alert in access tracker
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Occasional Contributor II
Posts: 13
Registered: ‎03-09-2014

Re: Clearpass as TACACS for Cisco WLC

It actually shows it passes in Clearpass.  The WLC just isnt likeing the response for some reason.

Attaching images:  

wlc2.png

WLC.png

Aruba
Posts: 1,520
Registered: ‎06-12-2012

Re: Clearpass as TACACS for Cisco WLC

Even though it passes Auth sometimes there is still an alert in access tracker. I ran into the same thing yesterday with a juniper switch. I just wanted to make sure.
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
New Contributor
Posts: 1
Registered: ‎02-10-2016

Re: Clearpass as TACACS for Cisco WLC

I am experiencing this issue trying to get my WLC to work with Clearpass for tacacs admin.

 

Any ideas?

Aruba Employee
Posts: 10
Registered: ‎04-28-2009

Re: Clearpass as TACACS for Cisco WLC

Have you tested with the Privilege level = 15 in the enforcement profile?

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: