Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Tacacs validation via HTTP (3500&2950 Series Switches)

Reply
Thread Tools

Tacacs validation via HTTP (3500&2950 Series Switches)

 
 
MarcelM
Guest
Posts: n/a
 
      09-02-2004
I have tacacs running but do not get it working via http.
does anyone had luck with that ?

Even tried to use "ip http authen aaa" but it failed to authenticate.

normal tacacs for telnet/console is working fine

any idea ??
 
Reply With Quote
 
 
 
 
Robert B. Phillips II
Guest
Posts: n/a
 
      09-07-2004
Marcel,
Are you having problems on the XL and 2950 switches? What version
of IOS is running on each platform. I seem to remember that there was
a problem in older IOS versions for the XLs (35xx and 29xx) where
tacacs authentication for the CVSM (the GUI web interface) was not
working. I cannot recall which version of code fixed it. It was a bug
which was eventually fixed in a code revision. Answer back with which
switches and IOS versions you are encountering this issue - maybe
someone with CCO access can kindly dig it up, or maybe I can find it
in release notes.

-Robert

http://www.velocityreviews.com/forums/(E-Mail Removed) (MarcelM) wrote in message news:<(E-Mail Removed). com>...
> I have tacacs running but do not get it working via http.
> does anyone had luck with that ?
>
> Even tried to use "ip http authen aaa" but it failed to authenticate.
>
> normal tacacs for telnet/console is working fine
>
> any idea ??

 
Reply With Quote
 
 
 
 
Scott
Guest
Posts: n/a
 
      09-10-2004
Marcel,

I just had the same problem. What corrected my problem is using the following...

aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+
aaa authorization commands 15 default group tacacs+ if-authenticated
ip http authentication aaa
ip http server

-Scott


(E-Mail Removed) (Robert B. Phillips II) wrote in message news:<(E-Mail Removed) om>...
> Marcel,
> Are you having problems on the XL and 2950 switches? What version
> of IOS is running on each platform. I seem to remember that there was
> a problem in older IOS versions for the XLs (35xx and 29xx) where
> tacacs authentication for the CVSM (the GUI web interface) was not
> working. I cannot recall which version of code fixed it. It was a bug
> which was eventually fixed in a code revision. Answer back with which
> switches and IOS versions you are encountering this issue - maybe
> someone with CCO access can kindly dig it up, or maybe I can find it
> in release notes.
>
> -Robert
>
> (E-Mail Removed) (MarcelM) wrote in message news:<(E-Mail Removed). com>...
> > I have tacacs running but do not get it working via http.
> > does anyone had luck with that ?
> >
> > Even tried to use "ip http authen aaa" but it failed to authenticate.
> >
> > normal tacacs for telnet/console is working fine
> >
> > any idea ??

 
Reply With Quote
 
MarcelM
Guest
Posts: n/a
 
      09-10-2004
Hi Robert,

Yes i have tested with both 3500&2950 Serie switches.
the 3500 is running c3500xl-c3h2s-mz.120-5.WC7.bin.
I just opened a CCO case at Cisco, will see if they can help me
 
Reply With Quote
 
MarcelM
Guest
Posts: n/a
 
      09-10-2004
Hi Scott

I have it setup like you mentioned, except i do not have the third line
but even if i add that it doesn't work
Have opened a case at cisco, hope they can advice me more.




(E-Mail Removed) (Scott) wrote in message news:<(E-Mail Removed). com>...
> Marcel,
>
> I just had the same problem. What corrected my problem is using the following...
>
> aaa authentication login default group tacacs+ local
> aaa authentication enable default group tacacs+ enable
> aaa authorization exec default group tacacs+
> aaa authorization commands 15 default group tacacs+ if-authenticated
> ip http authentication aaa
> ip http server
>
> -Scott
>
>
> (E-Mail Removed) (Robert B. Phillips II) wrote in message news:<(E-Mail Removed) om>...
> > Marcel,
> > Are you having problems on the XL and 2950 switches? What version
> > of IOS is running on each platform. I seem to remember that there was
> > a problem in older IOS versions for the XLs (35xx and 29xx) where
> > tacacs authentication for the CVSM (the GUI web interface) was not
> > working. I cannot recall which version of code fixed it. It was a bug
> > which was eventually fixed in a code revision. Answer back with which
> > switches and IOS versions you are encountering this issue - maybe
> > someone with CCO access can kindly dig it up, or maybe I can find it
> > in release notes.
> >
> > -Robert
> >
> > (E-Mail Removed) (MarcelM) wrote in message news:<(E-Mail Removed). com>...
> > > I have tacacs running but do not get it working via http.
> > > does anyone had luck with that ?
> > >
> > > Even tried to use "ip http authen aaa" but it failed to authenticate.
> > >
> > > normal tacacs for telnet/console is working fine
> > >
> > > any idea ??

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
PIX login-authentication via TACACS - failover local cru Cisco 4 03-13-2008 12:56 AM
HTTP access using RADIUS/TACACS+ AM Cisco 0 09-18-2006 11:51 PM
Help with using TACACS to control guest http access dross@desktopguru.com Cisco 1 11-14-2005 09:04 PM
HTTP Proxy via HTTP Layer by Perl? nntp Perl Misc 12 10-23-2004 07:52 AM
What is the difference between A Series, G Series and S series of Canon Cameras zxcvar Digital Photography 3 09-09-2003 01:30 AM



Advertisments