Hello everyone,
This guide below is how to set up TACACS with ArubaOS-Switch using Cisco ISE.
Was missing Some Commands from the Document
"aaa authentication login privilege-mode"
"aaa authorization commands tacacs"
Attachment(s)
Do you have guide for Aruba Device Management via Cisco ISE?
@capricorn80 wrote:Do you have guide to Aruba Deve Management via Cisco ISE?
Do you have guide to Aruba Deve Management via Cisco ISE?
What do you need ?
it is the same config... but replace TACACS by RADIUS ;-)
Thanks but I dont have Tacas option like like Jr_admin Profile.
I have created Result condition as below but it doesnt work.
Aruba: Aruba-Priv-Admin-Role = root
Attributes Details
Access Type = ACCESS_ACCEPTAruba-Admin-Role = root
it is for Aruba Switch ?
you need to add push like a Cisco switch shell-privilege
Yes its for Aruba Switch.
Cisco priv works like this.
Access Type = ACCESS_ACCEPTcisco-av-pair = shell:priv-M=15
Tried with HP radius option.
Access Type = ACCESS_ACCEPTHP-Privilege-Level = 15
did not work.
use cisco-av-pair for HP Switch
Thanks but I am getting it.
The Cisco AV pair for shell access is:
cisco-av-pair = shell:priv-M=15
I have tried it but it didnt work.
Can you please tell me the exact format?
Do you have a priv-level ?
Like https://www.arubanetworks.com/techdocs/ClearPass/Aruba_DeployGd_HTML/Content/HP%20Switch%20Integration/Switch_mgmt_TACACS.htm
No I dont see it.
https://community.arubanetworks.com/t5/Security/ArubaOS-Admin-Authentication-with-Microsoft-NPS/td-p/433832
This article is similar and the person is using attribute 4 with string root.
I tried the same but it doesnt work.
It is for RADIUS and Aruba(OS) Controller...
Ok thanks.
Any doc where I can find the exact value for Aruba switch shell?
Finally I tested it again and is able to fix this.
So I used Radius and then following settings on ISE to login.
Network Device Profile Cisco
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.