Wireless Access

Reply
Contributor I

Controller management access order: internal users and RADIUS server?

Hi all,

 

Where can I define the order of controller management access identity source? I have setup RADIUS management access but every time I log in as a admin (internal user) it first tries to authenticate using RADIUS and only after failure it checks the internal user.

 

Is there a way that in management access the internal users would be checked first and only after that the RADIUS and external identity sources?

 

Many thanks,

Aruba Employee

Re: Controller management access order: internal users and RADIUS server?

Hi Friend,

 

Always strongest authentication first :)

Valued Contributor II

Re: Controller management access order: internal users and RADIUS server?

HI,

 

Are you talking about Auth servers ? if so we can change order by using up down buttons as shown in the snapshot.

 

Mgmt_Auth.png

 

Please feel free for any further clarity on this.

Cheers,
Venu Puduchery,
[Is my post helped you ? Give Kudos :) ]
Contributor I

Re: Controller management access order: internal users and RADIUS server?

I'm not using Internal database as a authentication server. I have couple of management users statically added as you have "admin" setup in your screenshot.

 

I have also own user for Airwave and for other NMS to fetch data with SSH from the controllers. They'll also do the failed RADIUS attempt before using "internal" accounts :(   

Guru Elite

Re: Controller management access order: internal users and RADIUS server?

Unfortunately this cannot be changed. For security reasons, RADIUS/TACACS+ authentication happens first.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor I

Re: Controller management access order: internal users and RADIUS server?

That's not good...

 

But thanks for the answer! Really appreciate it!

 

Guru Elite

Re: Controller management access order: internal users and RADIUS server?

You can submit a feature request on the idea portal.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: