You are here
SEC0089 - ACS 5.4 TACACS Device Admin on WLC
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Security
The video shows you how to enable Device Admin using TACACS+ on Cisco Wireless LAN Controller (WLC) with ACS 5.4. Since WLC enforces admin access based on roles and not shell privilege, we will need to utilize TACACS+ custom attribute. The configuration will be performed on both WLC and ACS. We will attempt to restrict admin access to each of the configuration tab on the WLC using role assignment.
Topic:
- Network Device and Network Device Group
- Device Filter
-
Policy Element
- Shell Profile (TACACS+ Attribute)
- Service Selection Rule
-
Access Services
- Authorization Policy
- WLC AAA Configuration
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.
4 comments
wlc configuration
hi.
i am talking about wlc configuration and videos related to byod .
thanks.
ACS does not really support
ACS does not really support BYOD. Please see ISE BYOD-related videos under http://www.labminutes.com/video/sec/ISE. Videos on wireless authentication with ACS will be released over the next few weeks.
Have WLC support Command Set in ACS ?
Hello, I want permit user only use sub-tab Security > Mac Fillter on Wireless Controller through ACS 5.8. I think it unavailable for Gui so i config throught comand set. But not success. Please help me
Have WLC support Command Set in ACS ?
Not sure if you can down to that level of granularity. Usually you can limit at main menu option level.