Security

Reply
Occasional Contributor II
Posts: 11
Registered: ‎04-08-2013

How to Authenticate Read-Only/Guest Users with IAP and CPPM

Hi, I know that there is the following document but this does not say what is needed to get this to work.

 

http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-authenticate-IAP-admin-user-against-CPPM-over-TACACS/ta-p/192931

 

I have tried different privledge levels coming back from CPPM but I either get denied access or full access. I can't seem to find the sweet spot in betwee.

 

I am using IAP Version 6.4.4.8-4.2.4.5

and Clear Pass Version: 6.6.3

MVP
Posts: 4,227
Registered: ‎07-20-2011

Re: How to Authenticate Read-Only/Guest Users with IAP and CPPM

Why are you trying to give guess users mgmt access to the IAP ?



Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor II
Posts: 11
Registered: ‎04-08-2013

Re: How to Authenticate Read-Only/Guest Users with IAP and CPPM

I want to give access to our local IT Technitions to the portal to help with troubleshooting. They do not need full admin access.

MVP
Posts: 4,227
Registered: ‎07-20-2011

Re: How to Authenticate Read-Only/Guest Users with IAP and CPPM

Did you tried using the following TACACs profile = Aruba TACACS read-only Access
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor II
Posts: 11
Registered: ‎04-08-2013

Re: How to Authenticate Read-Only/Guest Users with IAP and CPPM

Yes, that seems to give full access so that may work with the controllers but does not seem to work on my IAP's.

 

That policy also seems to have a Privledge level of 15. Maybe someone changed it from the default but that is what our system has. I tried making that 0 but I seemed to get the same result.

Search Airheads
Showing results for 
Search instead for 
Did you mean: