Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual

222

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014

Chapter 6

Administering the WAP Access

The following is a configuration example from an access point configured for
Admin authentication by using TACACS+ with the auth cache enabled. While
this example is based on a TACACS server, the access point can be configured for
Admin authentication by using RADIUS:

version 12.3

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname ap

!

!

username Cisco password 7 123A0C041104

username admin privilege 15 password 7

01030717481C091D25

ip subnet-zero

!

!

aaa new-model

!

!

aaa group server radius rad_eap

server 192.168.134.229 auth-port 1645 acct-port

1646

!

aaa group server radius rad_mac

server 192.168.134.229 auth-port 1645 acct-port

1646

!

aaa group server radius rad_acct

server 192.168.134.229 auth-port 1645 acct-port

1646

!

aaa group server radius rad_admin

server 192.168.134.229 auth-port 1645 acct-port

1646

cache expiry 1

cache authorization profile admin_cache

cache authentication profile admin_cache

!

aaa group server tacacs+ tac_admin

server 192.168.133.231

cache expiry 1

cache authorization profile admin_cache

cache authentication profile admin_cache

!

aaa group server radius rad_pmip

!

aaa group server radius dummy

!

aaa authentication login default local cache

tac_admin group tac_admin

aaa authentication login eap_methods group rad_eap