Wireless Access

last person joined: 18 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Remote and Local Management

This thread has been viewed 3 times

  • 1.  Remote and Local Management

    Posted Apr 15, 2014 09:44 AM

    We would like to disable local user remote login via ssh/telnet and only allow TACACS remote login. Is the correct method just to disable "Allow Local Authentication?" we would want to be able to login locally with root/admin if the network is down still and need certain local accounts to access the web gui for guest provisioning as we don't use clearpass/amigopod.

     

     



  • 2.  RE: Remote and Local Management

    Posted Apr 15, 2014 09:51 AM
    Yes, disable ?Allow Local Authentication?. If the TACACS server(s) are not reachable, then and only then can you use the local accounts.


  • 3.  RE: Remote and Local Management

    Posted Apr 15, 2014 02:51 PM

    This works perfect for securing remote access via ssh/telnet but then we have the issue for anyone that doesn't have tacacs permissions. Is there no way to disable "root" accounts like the admin and in our case airwave management user from remote login but still allow local accounts that need to login for guest provisioning?



  • 4.  RE: Remote and Local Management

    Posted Apr 15, 2014 04:52 PM
    Can you pass back the role via the TACACS server?