Security

Reply
Occasional Contributor II

Controlling access to Mobility Master via CPPM TACACS service

Hi All,

 

Having some trouble configuring our Mobility Master to do TACACS via CPPM.  Have created a new server-group on the MM and can point it back to CPPM for root logons however when accessing via an read-only account (we are sending back aruba-admin-role read-only) we can not login and see the following error in Access Tracker.

 

Requested priv_level= greater than Max Allowed priv_level=

 

Any ideas, hopefully this isn't like with the iAPs where we cannot have read-only access via TACACS.

 

Thanks,

Matt.

Guru Elite

Re: Controlling access to Mobility Master via CPPM TACACS service

Do you have Session Authorization enabled in the server definition on the MM side?


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: Controlling access to Mobility Master via CPPM TACACS service

Hi Tim,

 

No I don't believe we did, do we need to enable it?

 

Thanks,

Matt

Guru Elite

Re: Controlling access to Mobility Master via CPPM TACACS service

Yes


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: