beautypg.com

Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual

Page 217

background image

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014

217

Administering the WAP Access

Chapter 6

7. Verify your entries.

show running-config

8. (Optional) Save your entries in the configuration file.

copy running-config startup-config

To disable AAA, use the

no aaa new-model

global configuration

command.

To disable AAA authentication, use the

no aaa authentication

login {default |

list-name} method1 [method2...] global

configuration command.

To either disable TACACS+ authentication for logins or to return to the

default value, use the

no login authentication {default

|

list-

name} line configuration command.

Configuring TACACS+ Authorization for Privileged EXEC Access and
Network Services

AAA authorization limits the services available to a user. When AAA
authorization is enabled, the wireless device uses information retrieved from the
user profile, that is either in the local user database or on the security server, to
configure the user session. The user is granted access to a requested service only if
the information in the user profile allows it.

You can use the

aaa authorization

global configuration command with the

tacacs

+ keyword to set parameters that restrict a user network access to

privileged EXEC mode.

The

aaa authorization exec tacacs+ local

command sets these

authorization parameters:

Use TACACS+ for privileged EXEC access authorization if

authentication was performed by using TACACS+.

Use the local database if authentication was not performed by using

TACACS+.

Beginning in privileged EXEC mode, follow these steps to specify TACACS+
authorization for privileged EXEC access and network services:

1. Enter global configuration mode.

configure terminal

2. Configure the wireless device for user TACACS+ authorization for all

network-related service requests.

aaa authorization network tacacs+

TIP

Authorization is bypassed for authenticated users who log in through CLI even
if authorization has been configured.

See also other documents in the category Rockwell Automation Equipment: