Specifications
6-15
Cisco Aironet 1200 Series Access Point Installation and Configuration Guide
OL-3446-01
Chapter 6 Administering the Access Point
Configuring the Access Point for Local Authentication and Authorization
• Use TACACS+ for privileged EXEC access authorization if authentication was performed by using
TACACS+.
• Use the local database if authentication was not performed by using TACACS+.
Note Authorization is bypassed for authenticated users who log in through the CLI even if authorization has
been configured.
Beginning in privileged EXEC mode, follow these steps to specify TACACS+ authorization for
privileged EXEC access and network services:
To disable authorization, use the no aaa authorization {network | exec} method1 global configuration
command.
Displaying the TACACS+ Configuration
To display TACACS+ server statistics, use the show tacacs privileged EXEC command.
Configuring the Access Point for Local Authentication and
Authorization
You can configure AAA to operate without a server by setting the access point to implement AAA in
local mode. The access point then handles authentication and authorization. No accounting is available
in this configuration.
Beginning in privileged EXEC mode, follow these steps to configure the access point for local AAA:
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
aaa authorization network tacacs+ Configure the access point for user TACACS+ authorization for all
network-related service requests.
Step 3
aaa authorization exec tacacs+ Configure the access point for user TACACS+ authorization to determine
if the user has privileged EXEC access.
The exec keyword might return user profile information (such as
autocommand information).
Step 4
end Return to privileged EXEC mode.
Step 5
show running-config Verify your entries.
Step 6
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
aaa new-model Enable AAA.