topic Re: IOS Access Point Bombards TACACS+ Server with Requests in Wireless https://community.cisco.com/t5/wireless/ios-access-point-bombards-tacacs-server-with-requests/m-p/329632#M13334 <HTML><HEAD></HEAD><BODY><P>We experienced similar problems. We were instructed to use local authentication at the current time. Something about HTTP requiring authentication for each part of the page that accesses data. The configuration line is:</P><P></P><P>ip http authentication local</P><P></P><P>The single connection did not help. We were also advised that if we required ACS HTTP authentication to use RADIUS because it scaled better than TACACS and would not be as impacted as TACACS. If neither of these are an option, another workaround is to, disable logging "passed authentications". We tested this and it prevented our ACS server from pegging the cpu, memory and I/O write queues. We opted for local authentication because the lack of "passed authentication" logs impacted our troubleshooting.</P><P></P><P>Good Luck</P><P>Gerry</P></BODY></HTML> Sun, 20 Feb 2005 10:44:38 GMT gwcrook 2005-02-20T10:44:38Z IOS Access Point Bombards TACACS+ Server with Requests https://community.cisco.com/t5/wireless/ios-access-point-bombards-tacacs-server-with-requests/m-p/329631#M13333 <P>Problem: When using the web GUI to manage an IOS access point such as the AP350, AP1100, or AP1200, and when using TACACS+ to authenticate the HTTP accesses, the access point will send numerous authentication requests to the TACACS+ server for each web page accessed. </P><P></P><P>Workaround given by cisco was to use single-connection tacacs server.</P><P></P><P>My question:</P><P>How to implement this command? Is it as below </P><P>"tacacs-server host x.x.x.x single-connection port 49 key test".</P><P></P><P>I've tried using this command but still getting numerous authentication request.</P><P>Any help?</P><P></P><P>regards,</P><P>Ganesh</P><P> </P><P></P> Sun, 04 Jul 2021 17:28:20 GMT https://community.cisco.com/t5/wireless/ios-access-point-bombards-tacacs-server-with-requests/m-p/329631#M13333 ganeshp 2021-07-04T17:28:20Z Re: IOS Access Point Bombards TACACS+ Server with Requests https://community.cisco.com/t5/wireless/ios-access-point-bombards-tacacs-server-with-requests/m-p/329632#M13334 <HTML><HEAD></HEAD><BODY><P>We experienced similar problems. We were instructed to use local authentication at the current time. Something about HTTP requiring authentication for each part of the page that accesses data. The configuration line is:</P><P></P><P>ip http authentication local</P><P></P><P>The single connection did not help. We were also advised that if we required ACS HTTP authentication to use RADIUS because it scaled better than TACACS and would not be as impacted as TACACS. If neither of these are an option, another workaround is to, disable logging "passed authentications". We tested this and it prevented our ACS server from pegging the cpu, memory and I/O write queues. We opted for local authentication because the lack of "passed authentication" logs impacted our troubleshooting.</P><P></P><P>Good Luck</P><P>Gerry</P></BODY></HTML> Sun, 20 Feb 2005 10:44:38 GMT https://community.cisco.com/t5/wireless/ios-access-point-bombards-tacacs-server-with-requests/m-p/329632#M13334 gwcrook 2005-02-20T10:44:38Z