https://community.cisco.com/t5/network-access-control/authenticating-http-with-tacacs/m-p/168401#M437044 <P>We have configured aaa authentication through a tacacs+ server in a catalyst switch. It works fine with console and telnet, but not with http access.</P><P>We see that console and telnet access makes that the catalyst uses tcp 49 port (tacacs+), but http access uses 49 udp port.</P><P>Our ACS works with 49 tcp (tacacs+), but not with 49 udp.</P><P>What's the problem? How can we solve it?</P><P>TIA</P> Sun, 10 Mar 2019 14:12:21 GMT venancio.martinez 2019-03-10T14:12:21Z https://community.cisco.com/t5/network-access-control/authenticating-http-with-tacacs/m-p/168401#M437044 <P>We have configured aaa authentication through a tacacs+ server in a catalyst switch. It works fine with console and telnet, but not with http access.</P><P>We see that console and telnet access makes that the catalyst uses tcp 49 port (tacacs+), but http access uses 49 udp port.</P><P>Our ACS works with 49 tcp (tacacs+), but not with 49 udp.</P><P>What's the problem? How can we solve it?</P><P>TIA</P> Sun, 10 Mar 2019 14:12:21 GMT https://community.cisco.com/t5/network-access-control/authenticating-http-with-tacacs/m-p/168401#M437044 venancio.martinez 2019-03-10T14:12:21Z https://community.cisco.com/t5/network-access-control/authenticating-http-with-tacacs/m-p/168402#M437045 <HTML><HEAD></HEAD><BODY><P>I think you are using the old HTTP authentication command thats why its using UDP port 49, try using the following command</P><P></P><P>aaa authentication login default group tacacs+ enable</P><P>ip http authentication aaa</P><P></P></BODY></HTML> Fri, 21 Mar 2003 21:22:41 GMT https://community.cisco.com/t5/network-access-control/authenticating-http-with-tacacs/m-p/168402#M437045 a-vazquez 2003-03-21T21:22:41Z https://community.cisco.com/t5/network-access-control/authenticating-http-with-tacacs/m-p/168403#M437046 <HTML><HEAD></HEAD><BODY><P>Older version used to support XTACACS which used UDP port 49 rather than TCP/49 used for TACACS+. Please refer to this link and make sure that you have the config set up properly.</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/tech/tk583/tk642/technologies_tech_note09186a0080094ea4.shtml" target="_blank">http://www.cisco.com/en/US/tech/tk583/tk642/technologies_tech_note09186a0080094ea4.shtml</A></P><P></P></BODY></HTML> Thu, 27 Mar 2003 07:59:03 GMT https://community.cisco.com/t5/network-access-control/authenticating-http-with-tacacs/m-p/168403#M437046 mhoda 2003-03-27T07:59:03Z