CHAPTER
13-1
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
OL-29225-01
13
Configuring RADIUS and TACACS+ Servers
This chapter describes how to enable and configure the Remote Authentication Dial-In User Service
(RADIUS) and Terminal Access Controller Access Control System Plus (TACACS+), that provides
detailed accounting information and flexible administrative control over authentication and
authorization processes. RADIUS and TACACS+ are facilitated through AAA and can be enabled only
through AAA commands.
Note You can configure your access point as a local authenticator to provide a backup for your main server or
to provide authentication service on a network without a RADIUS server. See Chapter 11, “Configuring
Authentication Types,” for detailed instructions on configuring your access point as a local authenticator.
Note For complete syntax and usage information for the commands used in this chapter, refer to the Cisco IOS
Security Command Reference for Release 12.2.
This chapter contains the following sections:
• Configuring and Enabling RADIUS, page 13-1
• Configuring and Enabling TACACS+, page 13-23
Configuring and Enabling RADIUS
This section describes how to configure and enable RADIUS. These sections describe RADIUS
configuration:
• Understanding RADIUS, page 13-2
• RADIUS Operation, page 13-2
• Configuring RADIUS, page 13-3
• Displaying the RADIUS Configuration, page 13-19
• RADIUS Attributes Sent by the Access Point, page 13-20