Security

Reply
Occasional Contributor II

Controlling access to Mobility Master via CPPM TACACS service

Hi All,

 

Having some trouble configuring our Mobility Master to do TACACS via CPPM.  Have created a new server-group on the MM and can point it back to CPPM for root logons however when accessing via an read-only account (we are sending back aruba-admin-role read-only) we can not login and see the following error in Access Tracker.

 

Requested priv_level= greater than Max Allowed priv_level=

 

Any ideas, hopefully this isn't like with the iAPs where we cannot have read-only access via TACACS.

 

Thanks,

Matt.

Guru Elite

Re: Controlling access to Mobility Master via CPPM TACACS service

Do you have Session Authorization enabled in the server definition on the MM side?


Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Controlling access to Mobility Master via CPPM TACACS service

Hi Tim,

 

No I don't believe we did, do we need to enable it?

 

Thanks,

Matt

Guru Elite

Re: Controlling access to Mobility Master via CPPM TACACS service

Yes


Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: