5-17
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
OL-29225-01
Chapter 5 Administering the Access Point
Controlling Access Point Access with TACACS+
To disable authorization, use the no aaa authorization {network | exec} method1 global configuration
command.
Displaying the RADIUS Configuration
To display the RADIUS configuration, use the show running-config privileged EXEC command.
Controlling Access Point Access with TACACS+
This section describes how to control administrator access to the wireless device using Terminal Access
Controller Access Control System Plus (TACACS+). For complete instructions on configuring the
wireless device to support TACACS+, see Chapter 13, “Configuring RADIUS and TACACS+ Servers.”
TACACS+ provides detailed accounting information and flexible administrative control over
authentication and authorization processes. TACACS+ is facilitated through AAA and can be enabled
only through AAA commands.
Note For complete syntax and usage information for the commands used in this section, refer to the Cisco IOS
Security Command Reference for Release 12.3.
These sections describe TACACS+ configuration:
• Default TACACS+ Configuration, page 5-17
• Configuring TACACS+ Login Authentication, page 5-17
• Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services,
page 5-19
• Displaying the TACACS+ Configuration, page 5-19
Default TACACS+ Configuration
TACACS+ and AAA are disabled by default.
To prevent a lapse in security, you cannot configure TACACS+ through a network management
application.When enabled, TACACS+ can authenticate administrators accessing the wireless device
through the CLI.
Configuring TACACS+ Login Authentication
To configure AAA authentication, you define a named list of authentication methods and then apply that
list to various interfaces. The method list defines the types of authentication to be performed and the
sequence in which they are performed; it must be applied to a specific interface before any of the defined
Step 5
show running-config Verify your entries.
Step 6
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose