Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10372
Views
0
Helpful
5
Replies

Why do I get this "AAA-W-REJECT: New http connection for user cisco, source 10.1.30.132 destination 10.1.30.139 REJECTED" constantly?

redgasgiant
Level 1
Level 1

‎03-04-2020 02:57 PM

Hi, 

Whenever I log on to any of our sg350x switches I constantly am bombarded by these %AAA-W-REJECT: New http connection for user cisco, source 10.1.30.132 destination 10.1.30.139  REJECTED  popups. 

Why is the 10.1.30.132 switch even trying to connect to the 139 switch? 

 

Is this related to findit? 

1 person had this problem
Labels:
0 Helpful
5 Replies 5

Mark Elsen
Hall of Fame
Hall of Fame

‎03-05-2020 12:06 AM

 

  - Check if this thread applies to your case :

           https://community.cisco.com/t5/network-access-control/aaa-authorization-of-sf302-08mpp-issue/td-p/2556695

 M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)
0 Helpful

redgasgiant
Level 1
Level 1
In response to Mark Elsen

‎03-05-2020 08:37 AM - edited ‎03-05-2020 08:38 AM

Thanks but we are not using radius on our network, those settings are all at defaults or turned off. 

I see that I can turn the popups off and adjust the logging threshhold, but I'd like to understand these notifications. 

Do the discovery services trigger these? 

0 Helpful

Mark Elsen
Hall of Fame
Hall of Fame
In response to redgasgiant

‎03-06-2020 02:27 AM

 

 - Since you are not using radius what kind of 'aaa authorization configuration' are you using then ?

   M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)
0 Helpful

redgasgiant
Level 1
Level 1
In response to Mark Elsen

‎03-06-2020 11:13 AM

Hi M, thank for the reply.

I am using defaults, honestly not sure what they are. Switch is brand new, I only have one user cisco/cisco. 

I don't see any AAA setting in GUI to screen shot for you. 

 

In CLI i have found the AAA settings and have tried  "aaa authentication login authorization default none" and "aaa authentication enable authorization default none" which, is no good for security. But I still see the AAA reject messages coming from other SG350x's. 

I did also find that I can stop seeing those AAA rejects(and accepts) by using the "no aaa logging login" command.  
But I'm still confused why I see the other switches attempting to connect to each other. 

0 Helpful

Mark Elsen
Hall of Fame
Hall of Fame
In response to redgasgiant

‎03-07-2020 12:23 AM

 

 - Try removing AAA-settings on the switch and the others , if not needed, check if this helps.

  M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)
0 Helpful
Customers Also Viewed These Support Documents