Wireless (General)

  • 1.  Authentication: RADIUS & TACACS+

    Posted 12-16-2015 14:57
    Hi.

    Today my devices (B5 and C5) are configure with TACACS+ for network's administrator authentication.

    I want to user a Radius's server with a valid database to verify valid users, is it possible? I use Radius and TACACS configuration in the same switch?

    Thanks for attention.

    Paulo Mauricio



  • 2.  RE: Authentication: RADIUS & TACACS+

    Posted 12-17-2015 00:36
    Please clarify what you mean when you say you want RADIUS to verify valid users? are you talking about for switch management access? or for regular end system authentication, like 802.1X? If you want TACACS+ only for switch CLI access and RADIUS only for end system authentication, then you can configure both, but be sure to set the RADIUS realm to Network Access and NOT Management or Any Access.


  • 3.  RE: Authentication: RADIUS & TACACS+

    Posted 12-17-2015 09:51
    Hi Matthew.

    You are right.

    Today TACACS+ is used for switch management access, TACACS+ talk with my users database LDAP to validate user. Just network's management have this privilege.

    To future, we have a project for authentication regular end system authentication and I will think to set Microsoft Radius with LDAP. Today we use this configuration for wireless's domain users. Aruba's solution not Extreme.

    What are you think? Is it complicate? Any sugestions?

    Thks for your help.


  • 4.  RE: Authentication: RADIUS & TACACS+

    Posted 12-17-2015 13:07
    it should not be a problem. You can easily tie switch authentication in with MS NPS/IAS. I believe there are some guides around available. It should be relatively straightforward.


  • 5.  RE: Authentication: RADIUS & TACACS+

    Posted 12-17-2015 15:11
    Ok Mathew.

    Thanks again.