Configuring Cisco Acs To Work With Airwave - Dell PowerConnect W-AirWave 7.6 User Manual

2. Select No to disable or Yes to enable TACACS+ authentication. If you select Yes, several new fields appear.
Complete the fields described in
Table 24:
AMP Setup > Authentication Fields and Default Values for TACACS+ Authentication
Field
Primary Server Hostname/IP
Address
Primary Server Port (1-65535)
Primary Server Secret
Confirm Primary Server Secret
Secondary Server Hostname/IP
Address
Secondary Server Port (1-65535)
Secondary Server Secret
Confirm Secondary Server Secret
3. Select Save and continue with additional steps.

Configuring Cisco ACS to Work with AirWave

To configure Cisco ACS to work with AirWave, you must define a new service named AMP that uses https on the
ACS server.
1. The AMP https service is added to the TACACS+ (Cisco) interface under the Interface Configuration tab.
2. Select a checkbox for a new service.
3. Enter AMP in the service column and https in the protocol column.
4. Select Save.
5. Edit the existing groups or users in TACACS to use the AMP service and define a role for the group or user.
The role defined on the Group Setup page in ACS must match the exact name of the role defined on the
n
AMP Setup > Roles page.
The defined role should use the following format:
n
role=DormMonitoring
As with routers and switches, AMP does not need to know usernames.
6. AMP also needs to be configured as an AAA client.
On the Network Configuration page, select Add Entry.
n
Enter the IP address of AirWave as the AAA Client IP Address.
n
The secret should be the same value that was entered on the AMP Setup > TACACS+ page.
n
7. Select TACACS+ (Cisco IOS) in the Authenticate Using drop down menu and select submit + restart.
NOTE: AirWave checks the local username and password store before checking with the TACACS+ server. If the user is found locally,
the local password and local role apply. When using TACAS+, it is not necessary or recommended to define users on the AirWave
server. The only recommended user is the backup administrator, in the event that the TACAS+ server goes down.
38 | Configuring AirWave
Table 24.
Default Description
N/A Enter the IP address or the hostname of the primary TACACS+ server.
49 Enter the port for the primary TACACS+ server.
Specify and confirm the primary shared secret for the primary TACACS+
N/A
server.
N/A Re-enter the primary server secret.
N/A Enter the IP address or hostname of the secondary TACACS+ server.
49 Enter the port for the secondary TACACS+ server.
N/A Enter the shared secret for the secondary TACACS+ server.
N/A Re-enter the secondary server secret.
role= <name_of_
AMP . One example is as follows:
_role>
Dell PowerConnect W-AirWave 7.6 | User Guide