Wired Intelligent Edge (Campus Switching and Routing)

Reply
Occasional Contributor I

TACACS with Cisco ISE and ArubaOS-Switch

Hello everyone,

 

This guide below is how to set up TACACS with ArubaOS-Switch using Cisco ISE.  

 

 

 

Was missing Some Commands from the Document 

"aaa authentication login privilege-mode"

"aaa authorization commands tacacs"

 

Occasional Contributor II

Re: TACACS with Cisco ISE and ArubaOS-Switch

Do you have guide for Aruba Device Management via Cisco ISE?

MVP Expert

Re: TACACS with Cisco ISE and ArubaOS-Switch


@capricorn80 wrote:

Do you have guide to Aruba Deve Management via Cisco ISE?


What do you need ?




PowerArubaSW: Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP... More info


PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...) More info


PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)


PowerArubaIAP: Powershell Module to use Aruba Instant AP




ACMP 6.4 / ACMX #107 / ACCP 6.5
Occasional Contributor II

Re: TACACS with Cisco ISE and ArubaOS-Switch

I am trying to setup Aruba 2540 and 2930 ssh admin login via Cisco ISE using radius. Also web login if possible.

Get Outlook for iOS
MVP Expert

Re: TACACS with Cisco ISE and ArubaOS-Switch

it is the same config... but replace TACACS by RADIUS ;-)




PowerArubaSW: Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP... More info


PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...) More info


PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)


PowerArubaIAP: Powershell Module to use Aruba Instant AP




ACMP 6.4 / ACMX #107 / ACCP 6.5
Occasional Contributor II

Re: TACACS with Cisco ISE and ArubaOS-Switch

Thanks but I dont have Tacas option like like Jr_admin Profile.

I have created Result condition as below but it doesnt work.

 

Aruba: Aruba-Priv-Admin-Role = root

Attributes Details

Access Type = ACCESS_ACCEPT
Aruba-Admin-Role = root

 

 

MVP Expert

Re: TACACS with Cisco ISE and ArubaOS-Switch

it is for Aruba Switch ?

you need to add push like a Cisco switch shell-privilege




PowerArubaSW: Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP... More info


PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...) More info


PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)


PowerArubaIAP: Powershell Module to use Aruba Instant AP




ACMP 6.4 / ACMX #107 / ACCP 6.5
Occasional Contributor II

Re: TACACS with Cisco ISE and ArubaOS-Switch

Yes its for Aruba Switch.

 

Cisco priv works like this.

 

Access Type = ACCESS_ACCEPT
cisco-av-pair = shell:priv-M=15

 

Tried with HP radius option.

Access Type = ACCESS_ACCEPT
HP-Privilege-Level = 15

 

did not work.

MVP Expert

Re: TACACS with Cisco ISE and ArubaOS-Switch

use cisco-av-pair for HP Switch




PowerArubaSW: Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP... More info


PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...) More info


PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)


PowerArubaIAP: Powershell Module to use Aruba Instant AP




ACMP 6.4 / ACMX #107 / ACCP 6.5
Occasional Contributor II

Re: TACACS with Cisco ISE and ArubaOS-Switch

Thanks but I am getting it.

 

The Cisco AV pair for shell access is:

cisco-av-pair = shell:priv-M=15

 

I have tried it but it didnt work.

 

Can you please tell me the exact format?



Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: