How to configure management authentication on IAP using Tacacs Server?

MVP Expert
MVP Expert

Instant access points come with default username and password i.e  admin/admin.  This does not go long way, as the IAP start finding their place in campus and corporate networks.

With many administrators managing and monitoring the clustered IAP networks, TACACS or Active Directory based authentication is more useful.


Keep this in view, IAP development teams have integrated TACACS and Radius based management authentication. 


Follow the below steps to configure radius authentication in IAP:

  1. Login to IAP web interface
  2. Select "System" from the main menu and then click on "Admin" tab
  3. Under local authentication, select as "Authentication Server"
  4. Under the "Auth Server 1" Select "New Server"
  5. Filling the name, IP address and shared key for Tacacs server and click OK.




Logout of the IAP web interface and try logging in using the username and password on TACACS server.

Version history
Revision #:
2 of 2
Last update:
‎08-04-2015 05:45 PM
Updated by:
Labels (1)

Is it also possible to have different access levels for users defined in tacacs?

I prefer to have some users with "view only" access, as wel as a user with guest registration only access.


What should the configuration on the tacacs server by to have this accomplished?

It would have been helpful if information about how to setup previlage based mgmt access using TACACS+ was also covered. That information is not found anywhere.

I have the same issue, i coudn't make it work with view only configuration, the only privilege levefl that iap support is 15, and the service Attributes didn't work at all. Anyone can help me? thx




Search Airheads
Showing results for 
Search instead for 
Did you mean: