Setting the Authentication Configuration

Refer to the Authentication tab to define how user credential validation is conducted on behalf of a Management Access policy. Setting up an authentication scheme by policy allows for policy member credential validation collectively, as opposed to authenticating users individually.

To configure an external authentication resource:

  1. Select the Authentication tab.
    Click to expand in new window
    GUID-F3BEEB87-08AD-4FE4-97D0-B7923CA192ED-low.png
  2. Define the following settings to authenticate management access requests:

    Local

    Select whether the authentication server resource is centralized (local), or whether an external authentication resource is used for validating user access requests.

    RADIUS

    If local authentication is disable, define whether the RADIUS server is External or Fallback. Select fallback to revert to local RADIUS resources should a dedicated external server be unreachable.

  3. Use the drop-down menu to specify to select the AAA Policy to use with an external RADIUS resource. Access points not using its local RADIUS resource will need to interoperate with a RADIUS and LDAP Server (AAA Servers) to provide user database information and user authentication data. If there is no AAA policy suiting your RADIUS authentication requirements, either select the Create icon to define a new AAA policy or select an existing policy from the drop-down menu and select the Edit icon to update its configuration.
  4. Set the following AAA TACACS configuration parameters:
    Authentication Select to enable TACACS authentication on login. This option is not available when the Local field is set to enabled. Also, this option cannot be selected when Fallback is selected.
    Fallback Select to enable fallback to use local authentication if TACACS authentication fails. This option is not available when the Local field is set to enabled. Also, this option cannot be selected when Authentication is selected.
    Accounting Select to enable TACACS accounting on login. This option is not available when the Local field is set to enabled. When selected, the AAA TACACS Policy field is enabled.
    Authorization Select to enable TACACS authorization on login.
    Authorization Fallback Select to enable fallback on TACACS authorization failure. This option is only available when Authorization is selected.
  5. Configure the AAA TACACS Policy to use with this authentication policy. Use the drop-down to select a configured AAA TACACS policy.
  6. Click OK to update the authentication configuration, or click Reset to revert to the last saved configuration.